Financial Crimes, Trends and Best Practices for Detectionresources.gabankers.com/PDFs/2020/Financial...

Financial Crimes, Trends and Best Practices

for Detection

Presented by: Rene Perez – Financial Crimes Consultant

Date 02/28/2020

Rene Perez – My Background

• 19 Years in Financial Crimes

• 13 Years at Jack Henry & Associates

• Former BSA/Fraud Officer at a Top 20 bank

• Jack Henry & Associates Subject Matter Expert on FC

• Sit on the Federal Reserve Bank Fraud Board

• Speaker at local, state, national and global conferences

Hot Topics – Lets talk about them!

• Fraud Trends

• Human Trafficking

• Synthetic ID

• Data Breaches

• Business Email Compromise

• Artificial Intelligence and Machine Learning

What existing channel almost

DOUBLED in attempted fraud from

2016 – 2018?

People think it’s a dying channel?

Check Fraud Attempts

$8.5 B

$15.8B

Check Fraud

0 10 20 30 40 50 60

PTP Fraud

New Account

Synthetic Fraud

Auto Fraud

Check Fraud

Identity Fraud

Mortgage Fraud

Online Fraud

Card Fraud

Wire Fraud

2019 TOP FRAUD TYPES BY LOSSES

What is social media’s affect on fraud?

• HUGE!!! – Raising new generations of fraudsters

• Teejayx6 on YouTube– 78,000 Subscribers

– 15 Million views

– “The Rise of Scam Rap in Hip-Hop”

• Fraud bible does exist!– 38 GB file of fraud tutorials

Trafficking - 2018

It happens

EVERYWHERE!

Demographics

How about here in GA?

• Victims Identified

• Traffickers Identified

• Trafficking Businesses

What to look for?

• Travel spending patterns

– Frequent gas stations

– Frequent hotels

– More than average train, bus or plane tickets

• Business red flags

– Hide their vendors

– Distributing credits and debits to unknown companies

– Transactions not coinciding with the business

Synthetic ID - What is it?

Who is the most common Victim?

Causes

• 1936 Social Security Administration went to a universally

used identifier

– These do not change over your lifetime

• These numbers were then used by corporate entities to

identify their customers

• Data Breaches

• Social media explosion

• Credit Privacy Numbers (CPN’s)

Why it will become bigger in 2020

• Synthetic ID Fraud is not new, getting more sophisticated

• Financial Institutions

– Reluctant, don’t understand it or can’t stop it

– More than 50% of fraudsters pay their bills

• Credit Bureaus

– Can’t stop it, they have credit reporting requirements

• Consumers

– Convinced its legal!

What can Financial Institutions do?

• Put a warning on applications!

– Only use SS#

– NO CPN’s

– VALIDATE!

• Stop piggybacking authorized users

– Also called Credit Rental

• Educate the consumers!

Data Breaches

What was the estimated amount of records stolen in data

breaches in 2019?

• 6 Billion Records

• 20% increase over record breaking year, 2017

Data Breach Numbers

• Average cost of a data breach?

– $3.92 Million

• Most Expensive?

– $8.19 Million

• Average size of data records stolen?

– 25,575 records per theft

✓ Separating Information Security & IT Operations

✓ Application Whitelisting

✓ Spam Filter Testing and Tuning

✓ Web Filter Testing and Tuning

✓ Security Awareness Training

✓ Principle of Least Privilege

✓ Applied Threat Intelligence

✓ 24/7 security monitoring

✓ SSL Deep Packet Inspection

✓ Breach Detection – Sandbox technology

✓ SIEM

(Security Information & Event Management)

✓ Multi-Factor Authentication

✓ Rapid System Patching

✓ Ongoing Vulnerability Scanning

✓ Disaster Avoidance Architecture

✓ Virtual Desktop Infrastructure

✓ Offsite Backups

✓ Regular Testing of Backups

✓ Business Continuity Planning and Testing

Cybersecurity Risk Mitigation Techniques

What’s the fastest growing fraud trend?

Business

Compromise!

June 2016 – July 2019

Why does it happen?

• People are the weakest link!

– Too busy

– Not detailed

– Scared to question authority

What do you need to do?

• Educate, Educate, Educate

– URL in email based on actual company

– Do not supply PII or credentials via email

– Beware of misspellings

• Use secondary channels or two factor authentication

• Keep software patches up to date

Bad Trends in Financial Institutions

• FI’s are not increasing their spending on Financial

Crimes.

• Moving traditional fraud funds to cybersecurity

– Further exposes the institution to traditional fraud

• No overall Financial Crimes strategy

AI & MLA

Big Data

Compute Power

Algorithms

Expert Rule Systems

What is Machine Learning?

Analyze & Results

Human Interaction

What is Artificial Intelligence?

Analyze & Results

System makes

changes

Have you ever

experienced this?

• Predictive Analytics

• Prescriptive Analytics

• Image Recognition

• Speech Recognition

• Learning Associations

Data Analytics

Descriptive Analytics provides insight into

the past and answers, “What has happened?”

Predictive Analytics is used to understand

the future and answers, “What could happen?”

Prescriptive Analytics advises on possible

outcomes and answers, “What should we do?”

Developing an Enterprise Analytic Strategy

PEOPLE PROCESS TECHNOLOGY

DATAOBJECTIVES

Enabling Analytics

Analytic Inhibitors

BehavioralAnalytics

▪ Use case based detection

▪ Anomaly Detection

PredictiveDetection

Prescriptive

Financial Crimes Analytics Maturity Curve

Data-awareInvestigations

▪ Data enrichment & summarization

▪ Multi-dimensional triangulation

▪ Iterative results drive auto refinements

▪ Supervised machine learning

▪ Holistic risk models from alerts & features (AI)

▪ Operational analytics for investigative efficiency (AI)

Basic Rules

▪ Basic Thresholds

▪ Above/Below amounts

Questions or Comments?

My Contact:

RPerez@jackhenry.com

Resources

• https://www.ibm.com/security/data-breach

• https://frankonfraud.com

• https://fedpaymentsimprovement.org/wp-content/uploads/frs-synthetic-identity-

payments-fraud-white-paper-july-2019.pdf

• https://www.imf.org/external/pubs/ft/fandd/2019/09/the-art-of-money-laundering-and-

washing-illicit-cash-mashberg.htm

• https://polarisproject.org/myths-facts-and-statistics/

• https://www.bleepingcomputer.com/news/security/business-email-compromise-is-a-

26-billion-scam-says-the-fbi/

Financial Crimes, Trends and Best Practices for Detectionresources.gabankers.com/PDFs/2020/Financial...

Documents

Trends and Best Practices - Redmond

Inbound Marketing Trends & Best Practices

Intranet 2011 Presentation Trends & Best Practices

Educational laws, practices, trends and issues

Intranet Trends Best Practices

CORPORATE COMMUNICATION PRACTICES AND TRENDS

CORPORATE COMMUNICATION PRACTICES & TRENDS 2001

Practices and Emerging Trends in Asset Liability ... · PDF filePractices and Emerging Trends in Asset Liability ... Interest Rate Sensitivity Gap ... Practices and Emerging Trends

OFCCP Compliance: Trends And Best Practices

Pricing Trends And Best Practices

California Compensation Trends and Pay Practices

Trends & practices

Resumes Today Best Practices & Current Trends

Corporate Governance Practices and Trends

Capgemini Insights and Data Financial Crimes Practice · Capgemini Insights and Data Financial Crimes Practice AML Trends & Issues April 27, 2017

Trends in Financial (cyber) Crimes - Brainlink · 2019-02-21 · Trends in Financial (cyber) Crimes Raj Goel, CISSP Chief Technology Officer ... • Credit Card Theft • Future Crime

Mobile: Trends and Best Practices

Universal jurisdiction and international crimes ... · Jurisdiction and international crimes –constraints and best practices); Florian JEßBERGER, Professor of Criminal Law, Faculty

Basics, Best Practices and Trends

Identity Theft and Financial Crimes: Trends, Law ...Identity Theft and Financial Crimes: Trends, Law Enforcement Capabilities, and Victim Needs October 15, 2014 Training and Technical