AML/CFT
AML Training
Dark Web
Fraud Prevention
Dark Web
Financial Cybersecurity
Financial Elder Abuse
Fraud Trends
Fighting Cyber-Enabled Fraud with BSA, Fraud & IT Collaboration – Video
November 1, 2021
0 min read
Combating Cyber-Enabled Fraud Requires Communication
Increases in cybercrime or cyber-enabled fraud deserve attention from financial institutions, as Abrigo expert Terri Luttrell explains in this video.
You might also like this whitepaper, "The 2021 BSA/AML and Fraud Staff Survey: Top Issues for FinCrime Fighters"
Takeaway 1
BSA and fraud functions have historically been siloed, and IT has been external to compliance. Increased cybercrime requires all three to collaborate.
Takeaway 2
Using their different skillsets, BSA, fraud, and IT teams should come together and discuss what cyber-enabled fraud looks like in order to fight it.
Takeaway 3
Cyberattacks are also on the rise, lending even more importance to communication and collaboration among the BSA, fraud, and IT functions.
Bank Secrecy Act (BSA) and fraud functions have historically been siloed within financial institutions' structures in the compliance world. Meanwhile, the IT security function has historically been entirely out of financial institutions' compliance areas. However, that has changed with the spike in cybercrime. Now it is imperative that all three areas within financial institutions look at fighting cyber-enabled fraud as a collaborating effort.
Watch the video above or continue reading to learn more.
Combining BSA and Fraud departments? Watch this webinar for resources and info on pros/cons.
Watch WebinarCombat Cybercrime
Different skillsets, common goal
BSA and fraud staff have very different roles, and each role requires unique investigative skillsets. Fraud is real-time hard dollar losses, requiring generally black and white analysis. BSA investigators use historical transaction data, looking at unusual patterns. The two departments typically don’t collaborate on suspicious or fraudulent activity. Financial Crime (FinCrime) experts are not IT experts. They don’t have that knowledge, training, or background. Similarly, IT security professionals generally do not have a compliance background.
Coming together and discussing what cyber-enabled fraud looks like so cross-functional risk teams are on the same page is more critical than ever. Each function can assist with developing an enterprise-wide risk assessment of cyber-enabled fraud. The collaboration between BSA, fraud, and IT security is crucial to understanding this serious criminal threat. Sure, the teams may not be under the same management, but the three groups are melding together more within financial institutions with cross-communication.
Behind the changes: COVID-19 cyber-related fraud
The COVID-19 pandemic increased cyber-related fraud exponentially. In 2020, the Federal Bureau of Investigations reported approximately 800,000 complaints of suspected internet crime to their complaint bureau. That's an increase of 20% over the previous year, pre-pandemic. That's significant. Reported losses exceeded $4.2 billion. This number includes all cybercrime or cyber fraud from the basic definition and any illicit act transacted using a computer. If it's performed on the internet, it's considered cybercrime or cyber fraud, no matter what kind of fraud it is.
In 2020 many more people began using the internet for the first time, particularly the elderly. People were isolated and were spending a lot of time on the internet, opening up more opportunities for fraudsters. Many were lonely and anxious. They were receiving those phishing e-mails, clicking when they shouldn't have. It easily could have been financial institution employees as well.
FIs Are Prime Targets
Cyberattacks on the rise
The FBI has also reported that cyberattacks rose significantly in 2020. It is clear how serious the cyberattacks have been, particularly by ransomware, as evidenced by the attacks on the U.S. food supply, energy resources, and other high-profile breaches. Financial institutions are a prime target in the United States, and the industry must be ready. Eleven million dollars is the average cost to any organization that has been involved in an attack resulting from cybercrime, and 48% of these are small businesses.
It is considered a cybercrime if it comes through a computer, the internet, or online banking. These crimes include cyber fraud, identity theft, Paycheck Protection Program (PPP) loan fraud, phishing, social engineering, and other known typologies used by illicit actors.
Collaboration, training, and inclusive investigations will better arm financial institutions to detect and report this rising risk threat.
Get the latest on fraud detection. Read this whitepaper, "5 Steps to a Stronger Fraud Detection Program"
keep me informed DownloadWe can help you fight cybercrime and cyber-fraud. Abrigo’s financial crime solution suite will detect and alert you to a host of customizable fraud types. Talk to a specialist to learn more.
About the Author
Terri Luttrell, CAMS-Audit, CFCS
Compliance and Engagement Director
Abrigo
Terri Luttrell is a seasoned AML professional and former director and AML/OFAC officer with over 20 years in the banking industry, working both in medium and large community and commercial banks ranging from $2 billion to $330 billion in asset size.
