By clicking “Accept All Cookies”, you agree to the storing of cookies on your device to enhance site navigation, analyze site usage, and assist in our marketing efforts. View our Privacy Policy for more information.

New-age biometrics leading the fight against financial crime

Zwipe Talks

BY

Zwipe

Megha Roy

,

Senior Manager, Marketing & Communications, Zwipe

Sujata Dasgupta, Global Head of Financial Crime Compliance Advisory at Tata Consultancy Services, a global leader in IT services, digital & business solutions, discusses the evolution and different kinds of financial crimes with Zwipe, including the increasing use of biometrics to fight fraud and financial crime

You started your career in the banking industry. What attracted you to work with financial crime?

I started my career as a banker with India’s largest bank, State Bank of India (SBI), in 2000. After three years in India, I was placed in the bank’s New York office, where I managed the treasury risk and compliance for their US operations. This was soon after the 9/11 attacks, which became a turning point in the history of AML (Anti Money Laundering) and financial crimes. With this, a new era of AML-KYC compliance was born.

I found myself deeply interested in this subject as this was a major part of my risk management and compliance role. Given my interest in fincrime compliance, I continued focusing on KYC, AML and anti-fraud projects. Over the past 20 years, I have witnessed how this area has evolved from a KYC-AML function to a more comprehensive financial crime risk and compliance, with an ever-expanding typology of crimes which now covers cyber, crypto and environmental crimes.

As regulations grew more stringent and advanced technology-driven solutions in tackling financial crimes witnessed widespread adoption, it was my natural progression as I grew along with the industry, maturing from AML to a fincrime compliance. With two decades of extensive work in this field, I feel very strongly about the far-reaching impacts of financial crimes, fraud and other non-financial risks on human lives and society, environment, and the economy overall. This is an area which has grown very close to my heart.

How has financial crime evolved over the years within the banking and non-banking sectors? How has the industry addressed these challenges?

Over the last two decades, I have witnessed a phenomenal transformation in this space – both in terms of how crimes have evolved, and how regulators and institutions have stepped up their defenses. Financial crimes have expanded from terror funding and money laundering 20 years ago, to the new-age online frauds, ransomware-as-a-service, crypto crimes, etc., all enabled by advanced technology.

Regulators across the globe have responded with more stringent regulations, encouraging and often enabling the use of advanced technology & collaboration among industry participants to fight growing crimes. Institutions have undertaken a massive transformation of their compliance functions, with a dedicated financial crime compliance unit in almost every organization. Though compliance is not a revenue-generating function, institutions have been investing heavily to upgrade their legacy systems, automate compliance processes, leverage innovative data sources and digital solutions to discover unknown threats & hidden criminal networks proactively. Institutions are also collaborating among themselves, with regulators and law enforcement agencies, to share intelligence and insights for a concerted fight against financial crimes.

During pandemic, has the banking industry experienced new kinds of financial crimes and how well have they been addressed?

In the past two years, every sphere of our lives was shaped by the pandemic and the global efforts to control risks. Financial institutions witnessed a surge in pandemic-induced frauds, scams, malware and ransomware attacks, misuse of government benefits like bounce back loans and paycheck protection, among others. Several bank employees were enabled to work from home for business continuity, which added to fraud and cyber threats around network security, device security and risks due to increased data sharing for virtual collaboration.  

The problem here was that the financial institutions’ financial anti-crime frameworks were built for normal situations, while emerging crimes were triggered by a natural disaster – an undoubtedly abnormal situation. Therefore, technology platforms were quickly enhanced as the pandemic continued to add more layers of security for mitigating remote working risks. New risks like charities fraud and online imposter scams were assessed, and detection models and internal controls were enhanced accordingly. As banking systems evolved from contact-based to contactless, KYC and digital IDs have become vital, requiring redesigned workflows. Lessons have been learnt from this disaster, and banks are in the process of future proofing their operations, risk frameworks and platforms against such eventualities.

Sujata Dasgupta, Tata Consultancy Services

HIGHLIGHTS:

"Financial institutions witnessed a surge in pandemic-induced frauds, ransomware attacks & misuse of government benefits"

"As banking systems evolved from contact-based to contactless, strong KYC & digital IDs became vital, requiring redesigned workflows"

"Response to fight financial crimes has been very strong in the Nordic region"


How is biometrics contributing to fighting fraud in the financial sector? Specifically, how has the adoption of biometrics helped to strengthen KYC and AML processes

The nature and complexity of frauds have grown beyond comprehension, most of it powered by a surge in the digitization of financial services and innovative payment channels. Customers’ online presence has risen exponentially compared to five years ago, leading to an explosion of digital IDs. Criminals steal such digital IDs to commit various kinds of frauds, from new account on-boarding fraud to account takeover, cards and payments fraud, synthetic ID fraud, loan fraud, etc.

The new-age biometrics was conceived to address this exact challenge, using an additional authentication factor of customers’ face, voice, finger/hand behavior in different stages of onboarding, transactions and other services. Dynamic biometrics involves real-time liveness checks based on facial recognition, voice recognition and hand movement-specific behavioral biometrics. This includes several layers of verification in a complex authentication process without adding friction to the customer experience.

Digital identity verification has now reached a new level with higher security, as the early adopters have been witnessing reduced identity-theft-related fraud after implementing dynamic biometrics-based authentication. Remote KYC processes in many banks now use such biometric tools for customer identification and verification. Several banks have enabled online and mobile transactions using biometrics as a mandatory authentication, to prevent payment fraud. As dynamic biometrics cannot be easily spoofed, account takeover frauds and synthetic ID frauds can also be prevented.

To know more about biometrics in the world of payments, check our Zwipe Pay page


When we talk about financial crime, which regions of the world are most prone to such frauds and why?

Financial crime today is a global phenomenon, as criminals work across countries and continents in complex networks. The kind of crimes may vary across regions, e.g., drug trafficking may be more predominant in some countries, while human trafficking in another; terrorist funding in some and wildlife smuggling in another. We have seen the cross-continental nature of political bribery, corruption and money laundering in recent times as well. Same is the case with shell companies in tax havens and opaque ownership structures that hide criminal money.  

FATF (Financial Action Task Force) conducts reviews of member countries on an ongoing basis to evaluate the effectiveness of their AML/CFT measures, and how well they have implemented the FATF Recommendations. Countries identified as ‘high risk’ are those found to have serious deficiencies in their AML/CFT measures. Such countries may be more vulnerable to financial crimes than those which have much stronger mechanisms to prevent and disrupt such crimes.

 
Looking at the four Nordic countries, have you noted some interesting differences across these markets in how they fight financial crime?

The Nordic region has always enjoyed a superior track record in the financial world, with high stability and very few instances of criminal activity. Probably this operational stability has been one of the reasons banks in this region had not aggressively looked at changing their own system landscape, including the compliance systems, which have undergone quantum changes globally in the last decade. As financial criminals saw this as an opportunity, they started using banks in this region as their potential target for laundering money. During the last 5-7 years, banks in the four Nordic countries have witnessed a rise in financial crime, with illegal proceeds making their way into the financial system, often from international sources.

The response to fight such financial crimes has been very strong from these nations. Collaborative efforts like the shared Nordic KYC utility and Invidem, which is now being used by six banks in the region, is a powerful solution to jointly combat financial crime, standardize KYC data and cut compliance costs. These nations have also engaged IMF to assess the fincrime threats this region faces, due to their close proximity and network with the Baltic region that has been the target of criminals lately.

Sweden and Denmark have been aggressively using advanced technology like AI, Machine Learning, network graphs, smart ID verification, maritime surveillance, etc. to prevent and detect such crimes. Both Sweden and Norway have implemented a robust digital ID called ‘BankID’ within the country’s regulatory framework, that serve as an essential customer identification and authentication for all banking transactions & services. Denmark is on its way for a similar ‘MitID’ for enhanced KYC procedures. Norway is leading in terms of leveraging advanced data and analytics from sources like Bisnode, for enhanced due diligence, beneficial ownership and corporate structure verification. While all four Nordic countries have set up corporate registries pursuant to the EU 4/5 MLDs, Denmark has made the registry freely accessible for verification of corporate customers and their beneficial owners – a key information required for KYC-AML.

From a technology and solution perspective, can you share insights and learnings that have helped the industry in fighting financial crime with a significant impact?

Data-driven and AI-powered solutions are steering the business 4.0 agenda across the board, and financial crime compliance is no exception. AI and Machine Learning (ML) enabled solutions are being leveraged to enhance the effectiveness and efficiency of fincrime compliance, throughout the lifecycle of prevention, detection, investigation, reporting and remediation. Automation of KYC functions like onboarding, ongoing due diligence and periodic reviews have achieved reduction in turnaround time as compared to manual processes earlier. ML solutions have helped reduce false AML alerts while RPA (robotics process automation) has enabled faster disposition of screening and AML alerts.

Moreover, the fraud prevention space has been disrupted by dynamic facial recognition biometrics through selfie videos and behavior biometrics for detection of finger movements on devices. ML based real-time transaction risk scoring and fraud detection solutions are enabling instant decisioning on fraud, e.g., reject transaction, block card, block account, and reduce the incidence of frauds. Graph analytics-based network visualization are making a significant impact in detecting money laundering and frauds by discovering hidden criminal linkages.

To know more about biometric, click here