The COVID-19 pandemic continues to impact the global economy hard, triggering business continuity and crisis management responses across organisations of all sectors and sizes. At the same time, the financial services industry faces new unique threats from fraudsters and continued expectations from regulators that anti-money laundering (AML) compliance must be maintained despite the disruption to business-as-usual.
Voluntary and government-mandated quarantines and stay-at-home orders have also reduced in-person banking activity and increased online banking and remote transactions. This increase in remote banking has challenged financial institutions to comply with AML/CFT requirements related to customer identity verification and due diligence.
The COVID-19 pandemic has provided a variety of emerging financial crime and fraud risks for individuals and the business community. Post pandemic, we may see new fraud, money laundering and terrorist finance threats which have adapted to the restrictions placed on individuals and businesses.
It’s therefore crucially important that financial institutions, individuals and the wider business community are vigilant and fully informed on new and emerging trends.
I joined RiskScreen for one simple reason – because I share their belief that there is a better way to combat money laundering and terrorist finance. It’s clear that the way individuals and organisations tackle money laundering has very serious consequences for everybody. Our commitment is to shape that in a way that drives positive socio-economic change whilst also delivering investment value.
Let’s consider some evolving problems:
1) New COVID-19 fraud threat vectors
Business considerations
Are my employees and customers aware of new pandemic-related fraud threats? COVID-19 themed phishing attempts can result in:
- Theft of personal data to enable account takeovers;
- Credit/loan fraud;
- Card “not present” fraud; and
- Payment diversion fraud?
Potential response approaches
- Provide ongoing and up-to-date training to ensure awareness among employees of new fraud threats and actions to be taken in order to prevent and detect them
- Review and investment-exercise your cyber incident response strategies and (if appropriate) consider and audit any impacts on information security and data privacy
- Ensure your fraud and AML teams are streamlined to ensure timely reporting of suspicious activity to law enforcement agencies
2) Significantly increasing short-term loan applications
Business considerations
Does my organisation have:
- processes/infrastructure in place to screen short-term loan applications?
- the capacity to process the volume of applications?
- the capacity to onboard clients virtually?
Potential response approaches
- Create, document and deploy new technology-based processes for handling applications
- Consider your resource requirements for short-term loan applications
- Assess and adjust your methods of onboarding to ensure they meet relevant regulatory requirements
3) Promoting and maintaining a culture of compliance with virtual teams
Business considerations
- If company devices are being used from home, are cybersecurity and sensitive information risks being adequately identified and managed?
- Does my organisation have the technological maturity to handle large numbers of employees now working remotely?
- Are my teams able to conduct their compliance responsibilities (KYC, TM/Sanctions alert review, Investigations) effectively to ensure compliance with regulatory requirements?
Potential response approaches
- Assess and measure the impact on compliance, productivity and cybersecurity from the various technology solutions available
- Leverage technological solutions to provide virtual training on new fraud and AML threats, as well as on revised digital processes (i.e. moving away from paper-based processes which are no longer workable)
4) Transaction monitoring of evolving consumer behaviours
Business considerations
- Do my transaction monitoring (TM) rules account for deviations from a historical customer profile? Could the change in consumer behaviour result in increased monitoring alerts?
- How is my customer’s behaviour changing given the COVID-19 pandemic?
- As an example, is your organisation faced with an escalating number of cash withdrawals?
- How should TM alerts be prioritised based on the disruption to BAU given the regulatory focus on suspicious activity reports?
Potential response approaches
- Re-assess TM models to appropriately record new risks posed by COVID-19 related financial crime threats
- Utilise data insights to understand evolving consumer behaviours and segregate high-risk profiles for closer monitoring
- Consider your resource requirements for an unplanned surge in monitoring needs
The power of partnership
Whilst the current pandemic has presented many new risks and challenges for the financial services sector, it also provides an opportunity to embrace new ways of working to help mitigate the associated risks. However, in order to be successful this will require everyone to collaborate, share knowledge and work in partnership. Financial institutions have already gone some way to working collaboratively with Financial Intelligence Units, law enforcement and regulatory stakeholders to share relevant information on new and emerging trends. This will ensure that information on new financial crime typologies can be used to turn the tide on the fight against fraud, organised crime and terrorism.
To talk to us about the challenges your business is facing in the current pandemic, or to see how the RiskScreen platform could transform your processes, please request a call.
By Hamish Singh, Head of EMEA, RiskScreen, 1 March 2021
