Managing the fraud threat landscape and increased intensity of threats

Managing the fraud threat landscape and increased intensity of threats

By Sean O’Malley, Head of AML Risk Management, State Street Corporation

Can you please tell the Risk Insights readers a little bit about yourself, your experiences and what your current professional focus is?

I’m a risk professional with 25 years of experience in financial services – including banks, broker/dealers, consultancies, insurance companies, finance companies and asset managers. Working in market risk, credit risk, operational risk, enterprise risk and, most recently, compliance risk. Every role has presented challenges to be addressed and opportunities for improvement. My objective in each situation is to try to understand the risks involved so as to make improvements – be it increased profitability, increased efficiency or improved operating results – for the company I’m serving.

What, for you, are the benefits of attending a conference like Risk Americas 2019 and what can attendees expect to learn from your session?

Attending conferences like Risk Americas 2019 enables sharing knowledge and expertise acquired through your experiences, and provides excellent opportunities to learn from the experiences of others – so that we can all become better risk managers.

Without giving too much away, how can banks be more nimble to keep up with fraud threat landscapes?

First, develop fraud identification, fraud loss categorization and fraud response plans that are appropriate to your institution. Second, put in place processes to capture and retain potential fraud loss event data for review and processing, using the potential losses data set to identify actual fraud losses. Third, segment actual losses in accordance with the institution’s fraud categorization structure (by relevant fraud typologies) and periodically conduct data analysis to identify emerging fraud threats and trends. Fourth, execute fraud response plans to address the emerging fraud threats and trends. Fifth, measure the effectiveness of the fraud response plan.

What are the key considerations that need to be made when increasing intelligence sharing between law enforcement, regulators and banks?

They key considerations are to safeguard the personal information of the bank’s customers, share information with law enforcement and the regulators in a timely fashion (based on legal and regulatory guidance) and be aware of extra-territorial regulatory requirements and considerations involved with information sharing.

What are the challenges and opportunities of using technology to share intelligence?

One of the primary challenges in using technology to share intelligence is to make sure that both the storage and transmission of the data are appropriately secured. The opportunity in using technology to share intelligence is that it can help identify patterns of fraud or other non-compliant activity more rapidly, which should enable the financial system to address those parties involved so as to minimize the impact of those “bad actors”.

How do you see the impact of the fraud threat landscape evolving over the next 6-12 months?

I see the increasing use of artificial intelligence, data analytics and automation presenting challenges to the fraud threat landscape – both to the institutions that will be enhancing their capabilities in these functional areas (because implementation of new technologies and methods are often complex and operationally challenging), and to the fraudsters seeking to exploit any ‘gaps’ in the technology and processes of these institutions. I’m expecting to see a shift in the types of fraud being perpetrated as this evolution continues.