Fraud Landscape

Leanne Vale
Manager Fraud Prevention
  Introduction: Leanne Vale
 Leanne Vale- Manager Fraud Prevention
Leanne Vale holds the position of Manager Fraud Prevention within Credit Union Industry
Association (CUIA). Prior to taking up this role in 2003, she held Fraud Prevention and
Investigations Management roles within large regional banks (SUNCORP 7 years), a major bank
and credit unions. As a former Australian Federal Police officer, Leanne's fraud detection,
investigation and prevention experience spans some 17 years in dedicated fraud management,
investigation and prevention roles.

Leanne has studied at Bachelor of Business level, and holds both a Grad Certificate and a Grad Diploma
in Business Administration (CSturt) as well as a Diploma in Financial Services (IFS). Leanne has
almost completed a Masters of Business Administration (MBA). She holds positions on the
Australian Bankers Association (ABA) Fraud Taskforce and is CUSCAL's industry representative
on a number of other associated industry groups and committees tasked with looking at fraud
prevention best practice across industry. Leanne also holds Certified Fraud Examiner (CFE)
status and is a member of the International Association of Financial Crimes Investigators (IAFCI).

Fraud support for CUIA credit unions

>   Extensive support, guidance & training
>   Training modules on External & Internal Fraud and Armed
>   Regular workshops topics such as:
>   Basic Investigative Skills
>   Mortgage Fraud/Cybercrime/Card fraud
>   Fraud Forum- CUIA's live link real time intelligence alert
    system- accessed by over 250 dedicated fraud staff of
    affiliated credit unions
>   Key industry representation and advocacy role- position at
    table- respected participant
    What's the Cost of Fraud to Society
<   Australian Institute of Criminology estimates crime costs
    Australia $19 billion a year
<   Fraud and financial crime alone account for $5.88 billion
    of this figure
<   In addition to the direct cost of crime, the indirect costs
    amount to another $13 billion
<   This gives Australia a total national crime bill of around
    $32 billion a year
<   This is equivalent to $1,600 for each and every Australian
    and represents 5 per cent of GDP
Fraud – An ever present threat

< Main categories of fraud affecting Financial
  institutions presently are:
< Identity Fraud- including theft and related crime
< Internet payment and victim crime
< Card Fraud – instances of skimming,
  counterfeiting and other compromises
< Cheque Fraud- intercepted mail, material
  alterations, valueless cheques and theft of
  banking instrument
       Industry Strategic Challenges
> Fraud types and patterns evolving in velocity and complexity

> Fraud risk landscape now information security and identity

> Links between fraud and money laundering are now
  becoming more apparent

> Two factor authentication for internet banking now a second
  stage product with major and regional Banks

> Debate continues for industry access to full Identification
  document validation system

> Industry collaboration – co-operation is at its highest levels
  however there are still significant challenges for all credit
  unions- strength through CUIA collaboration
    Fraud Trends

<   Probability and impact continues to escalate- BIN
    attacks > 1M, volume and velocity increasing
<   Losses are significant, real-time & widespread
<   Fraud costs: bottom line, reputation & brand,
    member confidence, staff morale...
<   Criminals using traditional methods as well as
    new, sophisticated modus operandi
<   Fraudsters are well equipped, well organised and
    well financed!
Changing Payment Channels

> 1994 – 2000: Cheque fraud
  Fraudulent cheque deposits into small value personal accounts
> 2001 – 2003: Credit card fraud
  Small value test transactions on skimmed credit cards followed by
  large cash advances off-
> Electronic
  Use of accounts to receive derived funds – transferred off-shore
  using wire transfers
> 2006- Electronic
  High customer impact
  Multi-jurisdictional
  Multiple product
  Multiple attacks
  Collusion
  Global organised crime influence
  Large scale data compromise targets
Sophistication of fraud is increasing

[Chart: sophistication of fraud (vertical axis) against year, 2000 to 2006 (horizontal axis).
Legend: Identity related, Instrument related. Fraud types plotted, in the order they appear
on the chart:]

> Internet (trojans) & Bots
> Telephone Banking (mail)
> Internet (phishing)
> ATM skimming
> B-pay fraud (mail)
> Internet Banking (mail)
> IVR Identity Fraud
> Credit card skimming (international/domestic)
> Identity take-over (mail)
> False application fraud (broker)
> Counterfeit cheques
> Washed cheques (payee)
> Washed cheques (amount)
> False identity – unsecured products

Card Fraud
Key Issues
< Skimming
< Counterfeit cards
< Web attack- Data Hacking
< BIN attack
< Organised crime gangs
< Brand damage and loss of consumer confidence
Controls mitigation
< Issuing Controls- CPP detection
< Merchant education (signature checking etc, use
< Staff Education and consumer awareness
< Effective use of First Data Alert detection
< Demonstrating to Management ROI for FDA
Threats and Challenges

>   Counterfeit is on the increase (No.1 challenge)

>   Card Not Present (CNP) fraud (No. 2 challenge)

>   Increasing charge-backs causing outcry from retailers

>   Verified by Visa and CVV2 still to reach critical mass

>   Increasing domestic Common Purchase Points (CPP)

>   Wire tapping- emerging threat

>   Data security breaches

>   Progression to chip card/PIN & POS
 Risk v Reward- Skimming
Australian Federal Police call for introduction of chip and PIN

 'Chip cards are to be deployed in Australia (by 2010) as a defence against fraud
 migrating from neighbouring countries that have already shifted to EMV'.
 Source: The Sydney Morning Herald, 29 August 2005
Card Fraud Profile - 12 months

                  Fraud Losses Report
                 From: 20050701 To: 20050930

                                  Number         Total Loss
                 Counterfeit               161   $320,416.94
                 Acct. Takeover             74   $175,218.79
                 Stolen                    122   $169,708.95
                 MOTO                      357   $113,006.82
                 Fraud-App                  14    $41,547.41
                 Lost                       18    $15,852.59
                 Other                      69     $8,786.67
                 N-R-I                       5     $4,325.67
Fraud trends – Acquiring (Retail Sales Volume)

[Chart: Fraud Amount (US$ Thousands) and Australia Fraud to RSV (%), by quarter, Q103 to Q105]

Australia Acquired Fraud by Type

[Chart: US$ Millions, YE Jun 04 and YE Jun 05, by type: Lost & Stolen, Counterfeit, Fraudulent Use of, All Others]
 Best Practice Fraud Detection
> Mark Fraud in First Data Alert
> Use Reports to review performance regularly
> Determine what rule and queue changes are
> Request FDI complete changes
> Monitor results of changes made
> Make further changes if necessary
> Monitor fraud that occurs after hrs & on
> Utilise management reporting capabilities
FDA- Developing a fraud risk capability

> Demonstrate return on
  investment- capability & product
> Demonstrated use 'management
  reporting' capabilities & function
> Performance benchmarking
> Balance scorecard approach
> System-People-Capability
The Importance of Performance

> Transactions under credit unions
  'radar'- outside monitoring time
> Ratio of False Positives – no of
  confirmed frauds/alerts monitored
> Where are confirmed frauds being
  detected and how – lessons learnt?
> Alerts Generated versus Alerts
  Reviewed- are the rules efficient?
> Capacity to conduct analysis?
Strategy for managing card fraud

Prevention / Detection
> First Data Alert
> Optimise alert queues, reduce false positives
> Management of rules & queues to optimise detection efforts and
  increase efficiencies

Strategy
> Constantly review and analyse data obtained from other industry
  players (banks/schemes/government agencies etc) to achieve ongoing
  fraud minimisation best

Investigation
> Decision making as to when to commence or outsource an
  investigative process
> Act swiftly on information from industry regarding compromises
  from skimming
> Proactive participation Fraud alert intelligence distribution via
  CUI- from ARC, Interbank & VISA

Fraud back process
> Maximise ability to recover fraud losses under Visa scheme rules and
  regulations

Identity Fraud Staff Training
> Frontline/lending critical in detecting false application (in
  absence of full scale application fraud software)

Knowledge-Application- Process- People
Fraud Risk strategy

> Fraud prevention
     >   EMV chip cards
     >   3D Secure Internet Authentication
> Fraud detection and reporting: CUIA
> Education and training: Workshops
> Industry cooperation: ACRC

The moving journey..

> Identity theft soars and now costs $3bil a year
> 11 June 2006
> Sunday Herald Sun – Identity theft is costing
  Australians up to $3 billion a year and it is
  getting worse, according to credit and consumer
> An Australian Consumers' Association survey
  revealed 8 per cent of people had been victims
  of identity theft.
> A US credit card breach compromised 130,000
  Australians and four million credit cards
  worldwide in July," he said.
> In India, fraudsters offered to sell the details of
  thousands of Australians to call centres.
                   High Tech Crime

>   Internet presents opportunity for criminals to
    commit cross border and transnational crime

>   Criminals have easy access to quality
    counterfeiting means- desktop, card production

> Organised Crime- mobile and well resourced

>   Money laundering and terrorist financing
    emerging threat

>   Technological change means fast progression
    from fraud type to fraud type
                  High Tech Crime
Key Issues
< Trojan viruses
< Ghosting of sites such as jobsites and others
< Rapid technological change- evolution to use of bots
< Education of members still a constant
< Key message should be systems are safe- not c union
Controls / mitigation
< Formulating a strategy for response
< Operational capacity
< Analysis of scope for two factor authentication
< Segmenting customer base to decide implementation
< Considering the entire member experience
Phishing – Sinister beginnings
Phishers - casting the
    widest net….
Fraud Prevention : Consumer Focus
Joint Banking & Finance Sector
Investigations Team
> On 20 May 2004 the taskforce was launched.
> A number of prosecutions were initiated by State police and
  AHTCC members in relation to mule activity.
> Referrals were made to State police from the JBFSIT team
  whilst other offenders were identified by State police with
  the team providing assistance. In total 60 prosecutions were
  initiated in 2005.
> Nearly 500 foreign recipients referred from Financial
  Institutions in relation to “mules” who have applied for
  “jobs” on the internet. Recipient names referred to Western
  Union for blocking returning of funds.
> Two Strike Forces within NSW due after referrals from
  JBFSIT team.
> Assistance to all Financial Institutions within Australia on
  how to investigate Internet Banking crime.
Cybercrime –AHTCC-CUIA

> CUIA is integral link with AHTCC for credit unions
> Referrals DAILY with AHTCC via CUIA
> Losses mitigated – so direct fraud loss enacted
  into hundreds of thousands each month
> EDUCATION of members paramount
> Progression to two factor is business case for
  some credit unions
> Efforts by credit unions being rewarded – AUDIT
  and management reports of Internet Funds
  transfer now integral in absence of full scale
  detection software
Credit unions face many

> Managing data and measuring
> Ability to identify and respond to
  new scams
> Managing fraud operations
> Stronger authentication for
  internet banking
> Industry collaboration
Proactive v's Reactive Strategies

>   Analysis of previous fraud matters to enlist lessons learnt
    and develop fraud prevention capabilities & strengths
>   Adopt an inward looking as much as outward looking
    approach to fraud via an organisational wide approach
>   Incorporate fraud risk assessment as part of business
    operational risk
>   Credit Union's practical strengths in these areas will assist
    to build future capabilities
>   Contact CUIA for ongoing support, guidance and capabilities
    in direction on all Fraud matters
  AML -Transition building on experience

                  Financial Transactions Reports     Anti-Money Laundering &
                         Act 1988 (FTRA)            Counter Terrorism Financing
Scope            AML = PRESCRIPTION BASED          AML + CTF = RISK BASED

Identification   @ account opening:                @ provision of designated service:
Procedure        > 100 Point check                 > identification & verification role
                 > Acceptable Referee              > KYC information
                                                   > risk profiling
                                                   > re-verification trigger
                                                   > transaction monitoring

Reporting        > SCTR = $10K+                    > threshold transaction = $10K+
                 > SUSTR = any                     > report of suspicious matters = any
                 > IFTI = all                      > funds transfers report = all

Record           > 7-yrs                           > 5-yrs (?)
Proposed regime

>   Framework:
     >   Legislation (principles-based)
     >   Regulations (unknown)
     >   Rules (risk-based)
     >   Guidelines (good practice options)

>   Key elements:
     >   Part 2 – Customer Identification Program
     >   Part 3 – Reporting (suspicious + threshold reporting + IFTIs)
     >   Part 4 – Funds transfers (originator information)
     >   Part 7 – AML/CTF Program
     >   Part 10 – Record keeping
     >   Part 11 – Secrecy and access (tipping off)
     >   Part 12 – Offences
Basic responsibilities

>   The AML/CTF Program bundles the obligations together in the
    “develop, implement and maintain an AML/CTF
    Program…[that]… include appropriate risk based systems and
    controls and that are designed to effectively identify and
    materially mitigate the risk… of a ML offence or TF offence”

     >   Customer Identification Program (CIP)
          >   KYC information (minimal and additional) – name, DoB + residential address
          >   Risk triggers

     >   Customer Due Diligence (CDD)
          >   Ongoing collection and updating of KYC information
          >   Risk classification
          >   Transaction monitoring

     >   Enhanced CDD (E-CDD)
          >   for higher risk transactions
Basic responsibilities

>   Credit union will need to assess ML and TF risks – to set the standard
    for the following:

     >    Reporting:
           >   Suspicious matters – reference to tipping off offences
           >   Threshold transactions - $10K (cash or e-currency)
           >   Funds transfers (originator information)

     >    Training staff about AML/CTF risk

     >    Employee due diligence – links to APS 520: Fit & Proper + ASIC tests

     >    3rd party due diligence – links to APS 231: Outsourcing (revised)

     >    Record retention – copies, duplicates, originals, timeframe, format

     >    Board oversight – AML/CTF is a board governance issue
          AML Officer- designated responsibility- Compliance/Fraud synergies

     >    Independent review – by internal or external party
Risk-based vs. prescriptive approach

>   Roundtable communiqué 21/07/05 said:

    “There was general agreement on the concept that the new system
    should allow a risk-based approach, with a regulatory framework,
    which allows the flexible application of obligations”

>   the ED is overly prescriptive and lacks detail

>   So what are AML/CTF risks?
     >    inherent risks
     >    residual risks

>   Each reporting entity to establish its AML/CTF risks

>   Risk based approach preferred over prescriptive obligations
So what is risk?
Be calm

>   CONNEXUS 2005:

    Credit unions represent a fairly low risk of money
    laundering activities, Senator Ellison admits.

    “I don’t see mum and dad investors as being the risk
    here, and I realise that credit unions are largely made
    up of mum and dad investors.”

>   Remember, we're building on experience

>   Thankyou..
>   Leanne Vale
>   Manager Fraud Prevention
>   CUIA 02 899 9054
