It’s been widely reported that banks are losing ground worldwide when it comes to the war on crime. That includes new account fraud. Yet the cost alone does not begin to tell the entire story. These criminal activities can damage a bank’s reputation and destroy the trusted relationships that they work so hard to establish with their clients.
Banks have long been the target of fraudsters. However, with the recent rise in popularity in digital banking, criminals are becoming even more inventive. They’re using the new technologies and the sheer volume of transactions to cloak their criminal activities. So if we were expecting a decrease in fraud due to digitalization, in fact, the opposite has happened. This means that financial institutions must be proactive and stay one step ahead.
Fraudulent onboarding is of particular concern. But it’s also where financial institutions have their first and best opportunity to nip criminal activity in the bud. As these crimes become increasingly sophisticated, it’s vitally important that banks implement rigorous prevention strategies to counteract criminals at the initial point of contact: onboarding.
It’s an ever-changing landscape that requires a proactive approach. In this article, we’ve outlined what you need to know to meet the challenge.
What is New Account Fraud?
In the financial world, account fraud generally refers to any type of illegal activity related to bank and credit accounts. This could include, for example, identity theft, credit card fraud, fraudulent loan applications, unauthorized access, and more. Fraud might also involve changing the account information so that the criminal appears to be the rightful owner. The victims may know the fraudster, or they could be complete strangers.
New account fraud occurs during the onboarding process or during the initial 30 to 90 days of account opening. A typical scenario might be that the criminal opens a credit card account, maxes out the line, and then vanishes without a trace.
There are two types of account fraud: traditional and synthetic.
1. Traditional Fraud
This is commonly referred to as identity theft. The fraudster steals the victim’s personal identification and uses the information to take money or gain access to their bank or credit card accounts.
2. Synthetic Fraud
Synthetic identity theft is the fastest-growing type of financial crime in the U.S. With this type of fraud, the criminal creates a fictitious identity by combining real and fake information. It’s even more dangerous than traditional theft since its perpetrators are more difficult to apprehend. Fraudsters are able to avoid detection by creating nearly untraceable identities, often even stealing the identities of children who, of course, have no credit history.
What’s worse is that when the fraud is detected and the criminal goes unapprehended, the thief can easily create another new identity. Although they may be initially denied credit, these fraudsters keep trying until they are finally granted a credit card or given an account.
How To Prevent New Account Fraud During Onboarding
In-branch practices that rely on human interaction and judgment simply don’t work in the digital world. As a result, risk managers have had to develop and implement new best practices that ensure compliance, prevent fraud and provide a frictionless experience for the customer.
Any operational framework for fraud detection must comply with KYC and AML regulations and protect the bank and its customers. For that, you need robust processes that accomplish the following:
1. Identity Verification
The first step of the process is to verify all of the applicant’s information against public records to ensure they are who they claim to be. This includes the name, date of birth, home and billing address, phone number, and email. Banks must ensure that, for example, the home address is for an actual residential address rather than a prison or hospital.
In addition, the process must confirm that the phone number is valid and belongs to the applicant by sending a one-time password to the device. Even when data appears legitimate, the bank must ensure that none of the information appears on a blacklist or was used to perpetrate fraud in the past.
Further, they must verify the device history and the number of devices associated with the applicant’s user account. If any of the devices is associated with previous failed validation attempts, that’s a red flag. For the funding account, the bank will want to verify that the account has not been associated with fraud and that the billing address is the same.
2. Fraud Detection
New account fraud detection is about understanding and monitoring user behaviors, particularly during the first 30 days when fraud is most likely to occur. Artificial intelligence and machine learning can make it possible to analyze data on multiple levels and identify fraudulent patterns. For example, fraud detection might indicate that a mobile device is stolen or is associated with several new accounts. There is also risk-based fraud detection that assigns a score to certain behaviors that could be signs of potential trouble, such as changing the beneficiary or the user profile.
3. Geolocation Tracking
This process involves analyzing the geolocation using the IP address, phone number, card issuer, and billing information, and includes the following practices: Verify that the state and country are allowed per your bank’s regulations; confirm the proxy, including ensuring that the IP address is not bad or anonymous; and ensure that the application is not from a bot or Tor network.
4. Understanding User Behavior
In addition to the initial account opening, fraud may occur, as mentioned, after the account is open and appears to be legitimate. During these early days, the bank simply does not have enough information to benchmark normal behavior for new customers. Some activities raise red flags because they align with known criminal patterns. These may include, for example, a recently issued identification or social security number, opening the account with a small cash deposit, or having a home or business address that is outside the geographic footprint of the bank.
But other behaviors can look relatively normal. The best fraud detection systems look for patterns and activities that have previously been identified as fraudulent. Behavioral analysis of user interactions can identify data or activities that seem suspicious. This may include, for example:
- Behavior that is consistent with bots
- Usual spending patterns
- Types of payees
- Sequence of activities
- Risky locations
Protect the Bank and Provide a Great Customer Experience
Unfortunately, when banks prioritize giving customers a frictionless and hassle-free onboarding experience, it can make it easier for fraud to occur. The newest threats, such as synthetic identity, can slip by traditional security measures without detection.
Even when you adhere to a robust onboarding process, there will be challenges. That’s why digital banking solutions must continuously develop the ability to identify suspicious patterns. Follow these tips to ensure that fewer threats slip by your onboarding process:
- Consider outsourcing your customer onboarding to ensure that you have the latest in fraud detection, AML solutions, data verification, and more.
- Use a layered and integrated authentication approach to ensure that documentation is legitimate.
- The most progressive outsourced customer onboarding systems leverage advanced machine learning, AI technologies, and third-party data to spot fraudulent behavior and suspicious patterns and activities.
- Implement a no-code or low-code solution that has your financial institution up and running in hours, not months, and provides continuous updates to keep you ahead of the criminals.
Change Your Onboarding Outcomes in an Instnt
Banks and financial institutions have always been a target for criminal activity. The move toward digitalization makes it even easier. The cost is staggeringly high, so the goal, of course, is to stop fraud before it happens. At the same time, however, it’s important to give customers the streamlined experience they expect, because the last thing you want to do is to discourage or eliminate good customers during onboarding.
Instnt AcceptTM is the fully managed digital onboarding solution that provides customers with an easy and intuitive experience while decreasing the new customer rejection rate. With Instnt AcceptTM, you’ll reduce your operating costs and be able to stop fraudulent activity before it begins. Codeless integration means you’ll be up and running in minutes, not months. Plus, Instnt AcceptTM provides up to $100MM in annual fraud loss insurance.
By following onboarding best practices and having strong verification processes in place, you’ll be able to speed up your onboarding while dramatically reducing the risk. In addition, with more good customers approved, you’ll increase your revenues. Contact Instnt today to learn more.