Share
Key takeaways:
Transcript
Rachel Koning Beals: In the digital age, financial institutions face a new breed of bad actors and sophisticated technology to conduct crimes. I’m Rachel Koning Beals, senior editor at BAI, and this is the BAI Banking Strategies Podcast. Today, we’re joined by Diana Rothfuss, Global Product Marketing Director in Financial Services, specializing in risk, fraud and compliance, at SAS.
We’ll explore the sinister rise of deep fakes, identity theft and elaborate scams, and how generative AI can be both a curse and a blessing when it comes to fraud. Diana shares insights and strategies to safeguard your institution against the threats lurking in the shadows. It may be Halloween, but fraud is getting increasingly scary all year long.
Welcome, Diana.
Diana Rothfuss: Thank you, Rachel.
Rachel Koning Beals: Fraud is scary for consumers and the banks and credit unions facing new threats. Set the scene for us. From deep fakes and more, financial fraud is getting more elaborate. What kinds of threats are we seeing out there?
Diana Rothfuss: Yeah, Rachel, definitely agree. It has evolved more than ever thanks to AI. AI is bad and good at the same time. I think what we’re starting to see is, again, our fraudsters have become smarter. We’ve seen a lot of that. Right after the pandemic, obviously, we were thrown into digital transformation. Everybody having to do everything online. But really, you know, with having things like ChatGPT, social media and engagement, the fraudsters, even somebody who might not have started out as a fraudster, can become one. And it’s really interesting, we talk about Halloween, and, you know, spooky and scary. And you know, most of the time during Halloween, people wear masks, right? You’re trying to mask your identity in order to get candy. It’s kind of funny, actually, coming from a fraud angle, and that’s what a lot of these guys are doing. Deep fakes, I think, is one of the biggest trends that we see growing, and we call them more elaborate … But you know, in grouping into those categories, it’s really just the ability of somebody to wear a mask, to change their voice, to look like somebody else, in order to scam you out of your personal information and being able to then take advantage of your accounts, take advantage of your company…
So deep fakes are definitely becoming elaborate. People are falling victim to it just in high numbers, scams, in general, I think, have just gotten really big because scams no longer are just your typical, oh, you know, I need your credit card information. It’s not even your simple email that goes out anymore, where you can recognize the two or three, you know, little grammar errors or a period that’s in a separate spot. They can go into these technologies and have ChatGPT generate an email for them that looks pretty close…to what a normal company would have.
I do want to say, a lot of people, I think, loop in our senior citizens and older communities into this and think that they’re the ones that really fall victim. But you know, a lot of these younger generations, you know also too, because we’re moving so quickly, [fraudsters are] taking advantage of this fast-paced environment that we live in and that we work in to really catch us off guard, and just with one click, your entire life can change. So deep fakes and scams are probably the biggest thing that we’ve seen. Obviously, data breaches are on the rise, and if we’re lucky to hear about those and know that our information is out there and a company has reported them, then you know that’s great, and we can take measures, but you constantly just have to be on guard and understand where your information is at and what you’re doing.
Rachel Koning Beals: Great perspective. And you know, we’re talking sort of about consumers having to realize how fast that world is changing. From your perspective then are the banks and credit unions adapting fast enough to these new risks? What are some of the particularly weak spots?
Diana Rothfuss: From their end, it’s moving, I think, a little bit slower. You know, coming from my perspective, I would love to see it move faster. But I think what’s interesting about that statement, and talking about how financial institutions can be better and where they need to kind of fix things, is a lot of this started [with digital] and I call it right now… what’s going on is the second wave of digitalization. Banks were starting their digital transformation back when the pandemic hit so they had plans in place. People were trying to evolve into that more digital atmosphere. But because we got thrown into it so quickly, a lot of financial institutions put the best programs in place that they could. We see them, and [we] referred to them as Band-Aids, really, at the time because we needed to make sure that our money was safe, their customers were safe, and their organization was safe.
Fast forward now to 2024 and beyond. We’re out of that, but now because of the evolving fraudster and evolving AI and technology, a lot of those [approaches] that were put in place a couple years ago to really help speed through that digital transformation are old, so a lot of the programs that institutions have aren’t able to catch the different types of sophisticated methods these fraudsters are using. … You know, consumers obviously can make that accidental mistake of giving information and letting them through the door, but then we’re a financial institution, you know, should be able to help is recognize that that’s not the consumer, and those are a lot of the different I’d say technology from like rules and models to be able to help detect those things that sometimes are a little outdated.
Another big thing I’ll say, too, just besides technology in general having to be updated to catch up with fraudsters, is just understanding data. We’re in a place right now where we have data and financial institutions have data coming at them from all different angles, and because of the different silos within the organizations, because they haven’t been able to break those down, they can’t truly understand the data that they have … Because this is an example of where data on customers can be used for the good, understanding who your customers are, and being able to catch those fraudulent whether it be a transaction inquiry, a call into a customer service center, being able to understand your data and have your organization, being able to talk to each other is really become key. So if financial institutions, you know, can embrace some of those things, like breaking down the silos, understanding their data a little bit more truly, pushing to get the budget to update their systems. I think we can keep moving forward, but I know those are also large asks…
Rachel Koning Beals: But listen it is budget time, or many organizations are already deep within budget planning. We hear at BAI over and over again what a priority fraud is. So listen, if fraud and the fraud fight wasn’t already a budget priority, it’s going to have to be soon and going forward. So for sure, transactions are always a balance between, I would say, safety and frictionless ease. And historically, that ratio seemed to favor ease. But have consumer attitudes changed? Is it more “safety first” these days? Meaning, are consumers tolerant for a few more steps as they engage with their bank?
Diana Rothfuss: Absolutely. I love conversations like this, because I think the new wave of consumer understands truly what can happen, and I think they do truly understand their safety and security more than the convenience. Now, again, it is a balance, right? You will definitely have individuals that you know want to make sure that they have it quick, and they don’t want that extra verification, which is why sometimes, you know, if we now notice, sometimes when we log into our different accounts, it gives you the option because, again, it’s appealing to both sides of the consumer. It’s saying, Do you want to have a double authentication? Do you want to just have a single authentication? Do you just want to have a code? So, I think part of that balance is giving consumers different opportunities to kind of choose their own path. That I mean, obviously, coming from a fraud background, I would love people to double authenticate. I know myself as a consumer, sometimes it’s not always great, and I do a couple groans in the background, but I know I’m safe knowing that I’ve had to do this couple things, especially on your key accounts, like bank accounts.
But it’s interesting, you know, we did a study, it was at the end of last year, with a lot of our consumers… a little bit more of the generations that are coming of age. And we found out that 67% of the people we surveyed would switch providers if they experienced fraud or another company offered better fraud protection. And that was pretty glaring to us, because I think that’s the first time that we’ve ever really seen that in a statistic. Another really good key point is 89% believe that organizations should be doing more to protect them from fraud. So there’s already that mentality where I think consumers, all they constantly see [are headlines on] data breaches, scams. This is happening, this is coming at them, and they’re not feeling safe. So I think the more that we can make them feel safe, and the more that the institutions can, the better off they’ll be, right? You retain your customers, and it helps the organization, as well as working with those customers and what that relationship looks like down the line.
Rachel Koning Beals: Those are pretty convincing numbers. I was not surprised. I expected it to favor safety, but those are high numbers. That’s very interesting. You mentioned gen AI especially. But let’s dig in a little deeper to that, because it’s certainly top of mind. It’s both another access point for fraud vulnerabilities, but also a key tool in fraud fighting efficiencies.
So kind of give us some examples. AI strikes me as sort of the super powered, you know, workforce fortification. In a lot of ways, if we’re going to take on fraud, we just don’t have the human power to do it. In a lot of ways, banks can really kind of grow their legions with AI. But a lot of people kind of wonder, are we creating more vulnerabilities with AI? So very broad question there for you, in a lot of ways, but I just want to talk about it a bit more.
Diana Rothfuss: I think you hit it right there. AI, even specifically generative AI, plays a dual role in this realm of financial security. On one hand, fraudsters can use them to exploit and create the fake identities we talked about, the deep fakes we talked about, you know, all the different scams and the phishing attacks. But on the other side of that, AI can really help financial institutions enhance their fraud detection and prevention. One example of that is machine learning algorithms. They can analyze lots of data for transactions, specifically in real time to help identify any unusual patterns that can be around fraud. AI can also automate routine tasks. I mean, we see that in a very large way. From an AML standpoint, being able to look at SAR filings and whatnot, it gives the organizations the opportunity to free up analysts that might be kind of just knee deep in case studies, knee deep in looking at transactions and trying to analyze data, pulling them off of that.
And I think that’s some of the things that we try and talk to financial institutions about is, how does AI make things better? How can you use it for your specific use case? And I think there are a lot of examples of that. I think we automatically always go to the bad sometimes when we think about AI and generative AI, but again, even some of the simple things I talked about earlier, about understanding your data, AI helps you do that, because it helps take data from different types of areas in your organization, be able to bring it together to make a smarter decision. So that, for example, if you have a customer who’s trying to access their data, maybe they’re at a different, you know, location, or signing in from a Starbucks where they’re not normally at, but say that Starbucks is in London, [AI] can pull together all those different data points of where you’re at, where you purchase that, you know, airline ticket to, and be able to say, Great, this is a legitimate customer. We know that. And then that experience of getting it is easier, versus if you have that AI and you’re trying to pick out a fraudster, that’s where [AI] can actually help… [It says] Oh, well, I clearly see that Customer A is not sitting in Japan when they just sat down and ordered a Starbucks in, you know, New York City. AI is great for all things. I think it’s to what we just talked about, about how organizations can embrace it a little bit more. I think embracing that tool will just even make that capability stronger. And I do think we can show the public the positivity of AI and how it can help solve fraud scams and problems.
Rachel Koning Beals: What do you Diana and the SAS teams expect when it comes to the shifting fraud landscape as we look ahead to 2025? Is AI the headline, or will other technologies matter just as much?
Diana Rothfuss: I do think AI and I think data are going to be two of the biggest things to talk about within financial institutions. I will say, I think it started really at the beginning of this year, but I think as we’ve gotten further into this year and we see more and more people embracing AI in a positive way. I think financial institutions are a little bit more open to understanding how they can implement it in their organization, and understanding that it might be a phased approach, right? It might take time, but I think they’re also understanding, again I put data in there, because data is just going to be a huge trend of how important is it? Where are we getting it? Is it clean? You know, is it the best data possible to make those decisions? Who do we need, from an organization standpoint, to help us understand how to make those decisions? And then also what is the technology we need to do that. So I think both of those together are going to be really big going into 2025 and we are seeing, I will say, you know, from our side of the house, as we’re talking with customers, as we’re, you know, going to events, and having conversations just with other peers in the industry, and talking with analysts, I do think we’re going to see a positive trend and adoption of AI and just better data management for next year.
Rachel Koning Beals: You know, we’ve talked a lot about AI today, Diana, but the reality in our industry is how prevalent check fraud is. What are you seeing out there as far as check fraud and vulnerabilities?
Diana Rothfuss: It’s interesting. We hear the term all the time in our industry and in our conversations, what’s old is new again, and check fraud is the example of that. And I know, you know, that’s a big thing for the United States, as we do still have a large majority of individuals that are using checks to pay for things. We have small businesses that are using checks to pay for things. And it’s really interesting because we’re seeing it on a couple different angles. I’ll call it, I’ll say we are seeing the old school method of you know, you’re sending and I think this is a perfect time of year to talk about this. We’re coming up on the holidays. So what normally happens? People write a check and they say, Merry Christmas, and here’s the payment that I owe you from a cell phone or something like that. A lot of people are still doing that, and the fraudsters are smart enough to understand, and they’ll go mailbox to mailbox, or, unfortunately, you people that work on the inside. Because, again, I think, right now with the economy, and, you know, just people are kind of grasping for straws sometimes, and they’re not making the best decisions. And, you know, they’ll look for those envelopes, they’ll hold them up, and they’ll look for those checks. But it can just be your regular, you know, I would call it your neighborhood, quote, unquote, fraudster that just literally goes through through mailboxes to find your check and take it and then obviously cash in on it and get your information, because it’s got the routing numbers on it and do that.
I think another big one, obviously, that kind of flips a little bit more to that digitalization side, is obviously another way of depositing checks is through mobile check deposit well, that can clearly get compromised in a lot of different ways. And I think that’s one of the things that we talk from implementing technologies. That is one thing in the United States banks are seeing an increase in is just adopting, I would call recognition of documents and being able to understand where they’re coming from, which also when you’re talking about mobile and you’re talking about data, and understanding where it comes from, it’s where is this check coming from? If it’s Mobile deposit, is it coming from an IP address that we recognize? Is it coming from a location that we recognize? When you take a picture of the check and you see the names and who it’s going to. I mean, it can get very sophisticated to understand is this truly being deposited by the person that it should be sent to? But it is really amazing how this keeps growing and again, people, I will say, I’ll put the warning out there right now for the holidays, if you’re thinking about sending a check, I would just find another way to do it, because this is when, you know, we tend to see and hear a lot of that fraud increase. Is during the holidays.
Rachel Koning Beals: Great advice. The positive intentions are there, but it just makes it easier for everybody in the end if we start to rethink our paper world a little bit. Thank you so much to Diana Rothfuss of SAS for joining me on the BAI Banking Strategies podcast today. Diana, you have a wealth of knowledge on fraud at both ends of the technology spectrum and some things to think about as the holidays approach and 2025 approaches. I really appreciate you joining me today.
Diana Rothfuss: Thank you, Rachel, enjoyed the conversation.
Join our community to unlock exclusive content, connect with industry experts, and gain access to valuable resources that will help you stay ahead.
