- FIs expect 70% increase in average daily digital transaction volume by 2025
- About 74% of FIs expect scams to escalate and 69% foresee increase in money laundering in 2022
- Emerging concerns: scaling fraud detection to meet growing volume of digital transactions; increasing cost of compliance
- Inadequate data governance and standardisation are key gaps in fraud risk investigation for 38% of FIs; 31% have not integrated cybersecurity, fraud control and compliance
- 47% of FIs actively using machine learning tools; end-point threat detection is the largest investment component against fraud
- FIs plan to add unstructured geographic data in analytics in 2023
Accelerated digitalisation has undoubtedly increased the ease and speed of transactions, but developments in emerging technologies have also increased the instances of fraud and cyberattacks on financial institutions (FIs). Institutions struggle to balance customer experience with security, risk management, and compliance needs.
The Asian Banker conducted a survey in June 2022 across 250 respondents in seven countries: China, Indonesia, Malaysia, the Philippines, Singapore, Thailand and Vietnam. The survey findings reveal emerging trends, challenges and investment focus in fraud risk management.
The growing threat
According to survey results, Asia registered an average of 66% of digital transactions and 57% through branches in 2022 for the surveyed FIs. Respondents expect the average daily digital transaction volume to surge by 70% in 2025 compared to 2022. The rapid digitalisation accentuates the role of FIs in safeguarding transactions and assets.
The risk of digital fraud and cyber-attacks across the region has increased and remain a persistent threat. In 2021, 49% of FIs saw an increase in scams and 47% saw an increase in phishing incidents. The threat dynamics escalated in 2022 to 74% of FIs expecting scams to increase and 69% expecting money laundering incidents to grow. The growing risk vectors highlight the need for FIs to prioritise and proactively address risks and strengthen prevention capabilities.
Regulators across the region have also become increasingly stringent, requiring FIs to put in place robust measures to prevent, detect and respond to scams. They have stressed the need for customer education, authentication, fraud surveillance measures, customer handling and recovery as well as evaluating equitable loss-sharing guidelines.
This was highlighted following cyber fraud attacks on OCBC in December 2021, which led to regulatory sanctions in the form of additional capital charges and tightening of cyber security guidelines.
These include a loss-sharing framework for FIs that are not meeting the technology-risk management requirements by Monetary Authority of Singapore (MAS) that mandates stronger verification and new directives to ensure adequate risk management across the region.
The increased scrutiny led to higher penalties and expansion of risk perimeters. Regulatory fines were rated as the highest in fraud losses by two out of five surveyed institutions.
Key challenges and issues in fraud and compliance management
Real-time and faster digital transactions shorten transaction clearing times, requiring institutions to identify and address security risks faster than ever. The survey revealed that 39% of FIs find it most challenging to scale fraud detection measures to keep pace with growing transaction volumes while 33% are challenged by identity verification.
Compliance costs emerged as the biggest concern in expanding online products (44% FIs). Fraud checks of new customers in the onboarding process poses another bottleneck in the customer journey for 38% of FIs.
There is a growing understanding that the ability to address fraud in real-time rests on integrated and quality data with an advanced analytics framework. As FIs strengthen their fraud risk capability, data integration emerged as a key gap. About 38% of FIs indicated inadequate data standardisation as their most critical gap, alongside 32% who are challenged by fragmented data because of piecemeal systems and software.
Non-integrated and siloed organisational structure with data pockets add complexities to effective enterprise-wide risk management and integrated insights. About 31% of FIs still operate with independent cybersecurity, fraud and compliance functions, alongside 36% that have independent structure but integrate insight across two of these verticals.
Among different markets, Indonesia reported higher organisational integration while China reported the lowest.
Emerging trends and multi-layered initiatives towards improving fraud detection
Increasingly, institutions focus on integration of data from transactions, devices and big data to strengthen fraud control. Data from interconnected devices are used by 78% of FIs, while 76% use transaction data and 64% public data.
Going forward, in 2023, 47% of FIs plan to add internal unstructured data and geographic data to heighten fraud detection.
The need to integrate data across silos has driven 42% of FIs to prioritise investment in one platform to interexchange application data and transaction data in 2022. Platform to share data across compliance, fraud and cyber silos also remains a high priority for 49% of FIs.
Machine learning (ML) algorithm tools have become a front runner in strengthening analytics capabilities. A significant 47% of FIs actively use ML while 37% are now beginning to use them and another 15% plan to add them in 2023.
FIs are channeling investments towards technology tools to address risk. To manage risk in new customer applications, FIs prioritised investment in fraud-management solutions in digital onboarding and malware detection in 2022. ML and device fingerprinting remain a high priority for future investment for most FIs.
One out of two FIs have prioritised investment in new end-point threat detection solutions in 2022. About 29% of institutions intend to invest in new identity verification solutions such as electronic Know Your Customer (eKYC) and biometrics.
Real-time data streams and expanding data volumes require increased storage capacity and faster processing and analytics. To scale the data and analytics capability, cloud adoption is increasing. The survey reveals the cloud strategy of institutions is split almost equitably between hybrid, private and public cloud.
A significant 69% of FIs now prefer their fraud management solutions to be hosted by solution providers rather than on-premise (31%). The majority of FIs prefer a Software as a Service (SaaS) model that allows faster deployment, scalability and less capital.
To keep their systems updated against evolving threats, one out of two FIs refresh fraud detection solutions every year while 16% refresh them every two years.
Alongside technology and data, human resource (HR) development plays an important part in managing and mitigating risks. The skill requirements in analytics and risk management to anticipate and thwart emerging risks are sharpening.
A significant 48% of FIs continually upgrade staff skillset and 19% actively plan to hire new staff; 16% have yet to plan for additional HR requirements and another 16% plan to use resources from external technology partners.
There is an urgent need for an enterprise-wide holistic approach to fraud management encompassing data, technology, people and processes. There is heightened attention around multi-layered risk management, adoption of advanced technology with speed and building organisational capabilities to proactively predict and address fraud in real-time.