During a transformational year that saw 92% of consumers go online to make purchases, and with 85% of consumers now performing some banking activities online, financial institutions (FIs) are under more pressure than ever to provide effective digital security.
Consumer expectations of banks and FIs are also increasing, and regulators are coming down harder whenever cybercriminals defeat the digital defenses meant to protect users.
As the digital shift scales, FIs and other companies are under more intense scrutiny when it comes to verifying the identities of the individuals and entities with which they transact.
Pandemic cybercrime demands a strong response
In the latest edition of the AML/KYC Tracker®, a Trulioo and PYMNTS collaboration, two competing notions vie for primacy. One is the need for banks and FIs to apply more stringent anti-money laundering and know your customer safeguards; the other is the imperative to deliver frictionless banking and payments experiences for consumers at the same time.
“Banks are required to comply with AML/KYC regulatory measures and must provide identity checks that help authenticate users,” as the Tracker states.
Additionally, “poor identity verification in online retail or financial services can jeopardize the security of relationships with both consumers and businesses. There were approximately 1.4 million reports of identity theft in 2020 alone, more than doubling the number of incidents reported in 2019, according to the Federal Trade Commission’s (FTC) Consumer Sentinel Network.”
While banks must keep seamless functionality in mind as an ideal when bringing in new AML/KYC detection capabilities, it’s important to remember that consumers expect some friction in authentication and often feel less safe when verification feels too easy.
As the Tracker adds, “as more banking activities go digital, consumers are becoming aware of the existing vulnerabilities. A FICO report on how the pandemic has driven FIs toward digital transformation found that U.S. consumers have high expectations for identity verification. Sixty-two percent expect to verify their identity when opening an account digitally, and 42% expect to set up biometric identification during the onboarding process.”
In other words, consumers feel safer knowing that powerful security is running in the background.
Digital defenses to mitigate risk
A prime example of fraud threats on the rise in 2021 is the creation of extremely convincing fake online businesses, which cybercriminals find easier to do in a remote-centric world.
Per the new Tracker, “as fraudsters adopt more sophisticated scams such as impersonating a business, this requires an upgrade in digital AML and KYC solutions.”
FIs seeking to mitigate fraud risk without sacrificing experience are investing in advanced fraud and AML solutions “such as digital ID verification, digital banking tools and access to consumer data, [which] becomes an advantage and is no longer a weakness for fraudsters to exploit.”
In one example of how companies are managing this changeable landscape, Tom Curran, chief risk and compliance officer at San Francisco-based FinTech Upgrade, said, “We make use of a wide data set [that includes] conventional CIP/KYC data, other ‘metadata’ IP and device data, [and] biometric identifiers such as voice and speed/manner [when] adding customer info in the application process. [This] has helped us be more proactive.”
Similarly, FIs and banks are adopting behavioral biometrics to combat identity theft and account takeover (ATO). “Fraud teams can continually monitor user behavior during a mobile banking session, pinpointing anomalies in finger pressure or navigation and swipe patterns, and then trigger additional authentication requirements if the user does not seem legitimate.”
Other highlights from the latest AML/KYC Tracker include these items of interest:
- Update on taking a data-centric approach to meet AML/KYC requirements
- Hong Kong regulator fines four banks $5.7M for AML breaches
- How approaches to AML/KYC have changed as digital banking grows