May 4, 2022
By Greg Woolf
Financial institutions are under attack and losing 5% of annual revenue to fraudsters, according to the Association of Certified Fraud Examiners. The sophisticated approaches used by these fraudsters won’t be stopped with more anti-fraud solutions. However, collaboration across banks, regulators and law enforcement would deal a serious blow to cybercrime.
While regulators have urged financial institutions to adopt a collaborative approach, businesses remain cautious due to legal, competitive and logistical issues. While all valid points, the threat posed by digital fraud necessitates action now. With existing technology solutions and a little something called collaboration, these institutions can fight back.
The first step is knocking down the walls between anti-fraud and cybersecurity departments. These divisions made sense when they targeted different criminals using different methods. Today’s cybercriminals, however, represent an amalgamation of these groups, combining elements of traditional identity theft with cyber elements like automation and machine learning.
Once silos are removed, educate these teams on this growing threat, how fraudsters operate, and the technologies and tactics used. From there, encourage teams to openly share information and best practices that may have previously been used in isolation. Next, they should work together to create new approaches for fighting fraud that utilize the full range of knowledge and expertise available across the organization.
At this point, it’s time to think even bigger by applying this collaborative approach to the wider financial community. Regulators and law enforcement are vital members of this community, as immediate action is critical once fraudsters are identified.
While financial institutions have options when it comes to tackling fraud, the best is a consortium model. This model provides a venue to share data, specifically fraudulent profiles, in a central location to benefit an entire community. Information in transit is protected by sophisticated encryption. This addresses customer privacy and regulatory issues while ensuring sensitive data does not fall into the wrong hands.
The Confidential Computing initiative seeks to further strengthen all aspects of digital data protection. Simon Johnson, Senior Principal Engineer at Intel, explains how Confidential Computing can “...enable encrypted data to be processed in memory without exposing it to the rest of the system, dramatically reducing the potential for sensitive data to be exposed while providing a higher degree of control and transparency for users.
Essentially, Confidential Computing empowers financial institutions to take a bolder approach to collaboration. When used correctly, it could be the building block upon which the finance industry fights back against fraudsters.
As previously mentioned, the answer is not to add more anti-fraud solutions. Today a typical bank employs between 9-12, which are often managed by different teams in different locations. These solutions provide some protection against fraud, but their effectiveness is limited by the silos operating within banks.
The answer is collaboration, and regulators have made clear that this is the best way to address the problem. Better yet, the technology exists to make it happen. The only thing left for financial institutions to do now is to take the first step.