In their search for the path of least resistance, fraudsters have discovered that trickery and deception are highly effective strategies. As noted by FinCEN, Business Email Compromise (BEC) is one area of financial crime where these tactics reign supreme, and that is causing institutions major losses. In 2019, FinCEN issued an updated advisory on BEC schemes, noting that instances are increasing, with losses to financial institutions and their customers exceeding $9 billion since 2016. Meanwhile, the concurrent and considerable evolution in these particular scams is making them a serious challenge to fraud detection and management.
Evolution in Business Email Compromise
Criminals are investing significant effort into studying their targets to identify vulnerabilities they can exploit with email compromise and more specifically, BEC fraud. Consequently, FinCEN broadened its definitions of these scams “to clarify that such fraud targets a variety of types of entities and may be used to misdirect any kind of payment or transmittal of other things of value.”
In line with this expansion, criminal efforts are driving an evolution in the victimology and typology surrounding BEC schemes. Bad actors are now attacking sectors like real estate and construction, while shifting toward non-traditional business customer targets (e.g., government organizations, financial institutions, educational institutions), increasing their attempts on wire channels, and moving to compromise virtual currency payments, automated clearing house (ACH) transfers, and gift card purchases.
The sheer variation and growth in BEC schemes are making it challenging for institutions to keep pace, and the time is right to consider how a financial crime management system using advanced technology can help prevent and mitigate losses.
Considerations for Technology
Real-Time, Targeted, Cross-Channel Analysis
Wire transfers are often irrevocable, and so in the advisory FinCEN has emphasized that “identifying fraudulent transaction payment instructions before payments are issued is therefore essential to preventing and reducing unauthorized transactions.” To prevent losses, financial institutions need faster detection through integrations with inline wire transfer systems and real-time analysis.
In this success story, Verafin’s targeted, real-time analytics prevented a $90,000 BEC scheme at Bell Bank. According to BSA and Fraud Officer Stacey Iverson, “the wire request was sent and thankfully Verafin caught it… Verafin saved the bank, and the customer, from a loss.”
Cloud-Based Analysis for Payee Confidence
A major dilemma facing financial institutions is how to counter escalating fraud concerns without inconveniencing customers with unnecessary call backs. A cloud-based approach can provide institutions with greater context around transfers with increased visibility into the wire payees.
By examining payments across the Cloud, Verafin’s wire fraud solution factors this powerful evidence into analysis, increasing your confidence that a wire payee has an established history and is not associated with past fraudulent activity, and reducing false alerts, institutional risk, and time spent on customer call backs.
Artificial Intelligence & Machine Learning
As BEC schemes grow more complex, financial institutions need a fraud detection and management solution that keeps them ahead of this shifting landscape. Solutions that leverage the latest advances in artificial intelligence and machine learning can play a key role by detecting and evolving to meet new fraud patterns.
Verafin leverages its powerful cloud environment for robust real-time fraud detection, and to develop highly-targeted machine learning fraud agents that reduce false positive alerts and keep you ahead of the latest trends in criminal activity.
Information Sharing Opportunity
“Business Email Compromise fraudsters are becoming increasingly sophisticated, often backed by complex networks of witting and unwitting money mules that assist in laundering their proceeds through the U.S. and international financial systems.”
From domestic money mules to international transfer destinations, BEC schemes are growing more complex and linked to criminal networks. FinCEN encourages institutions to share information about BEC fraud, noting that collaboration among institutions could “help identify and prevent financial crime and movement of funds through broader criminal money laundering networks” and prevent billions in further losses from BEC schemes.
Verafin provides information sharing technology to institutions that are members of the FRAMLxchange, the industry’s largest secure information sharing network of institutions.
Email compromise schemes such as BEC are a major modern threat only increasing in prevalence and sophistication. Financial institutions must move quickly to engage effective solutions that can feasibly combat and keep pace with criminal advances, while reducing front-end customer inconveniences like call-backs.
A robust and targeted fraud defense that leverages real-time cross-institutional analysis and advanced artificial intelligence, while facilitating payee confidence and information sharing, is the strategic way forward to stem the flow of illicit funds and address the challenge of BEC perpetrators and their networks.
Verafin offers a full suite of solutions to help defend your institution against BEC scams and other evolving criminal schemes.