Bank fraud, and wider financial scams are on the up – and Australia is badly hit.
The inaugural KPMG Global Banking Fraud Survey has found that 61 percent of banks have reported an increase in external fraud in value and volume over the past three years.
Banks across the world said cyber-related fraud, often leveraging information obtained from data breaches, were their most significant fraud challenge. All regions are reporting an increase in cyber-attacks, scams, social engineering/ identity theft and ‘Cardholder Not Present’ (CNP) frauds.
This trend is particularly relevant, given the increasing proportion of bank customer interactions being conducted through digital channels. The changing banking landscape means there is less customer ‘face time’.
Fraudsters are creatively finding new ways to steal from banks and their customers, increasingly switching from account takeover to scams – manipulating and coercing customers into providing access to their bank account or into making payments to the fraudsters.
Unfortunately, we are seeing a disproportionately high volume of scam attempts on Australians – there were 177,000 scam reports here last year, costing almost half a billion dollars. This compared to around 85,000 scam reports in the US and UK, with far bigger populations.
This covers a wide variety of scams, including investment, romance, crypto-currency, false billing and where scammers are purporting to be the tax office or a government agency.
Why is Australia particularly badly hit?
We can only theorise but it may be that Australians are more open to reporting scams. We believe scam reports are generally understated, due to the embarrassment people feel when duped by a romance, investment or any type of scam.
This is particularly true of the elderly who do not want to lose their financial independence by admitting to their family they have lost significant sums from a scam.
Research also suggests Australians are intrinsically more trusting which in this context might not always be a good thing.
In the UK there have been some very effective TV advertisements portraying the importance of digital security; particularly being vigilant with social media privacy settings and not being trusting of call centre operators. KPMG believe Australians would benefit from similar scam education.
Such education should be varied to reach different audiences – for example many scam victims tend to be the socially isolated or elderly, so education should not just be digital channels but also through television, traditional media and even face to face sessions with vulnerable customer groups.
In terms of the natural party responsible to educate the public, it could be a combination of government sponsored – scamwatch are very active in this area – but also banks and telco providers could offer assistance as the scammers are leveraging text and phone channels.
Another area where Australian banks are closely watching the UK, is the recent launch of a Contingent Reimbursement Model Code for Authorised Push Payments Scams. UK banks who have opted in to this code may reimburse scam victims in certain circumstances where the bank and the customer have met the conditions set out in the Code. As at 24 June 2019, eight UK banks have opted into the Code.
There are differences in how banks globally manage the risk of scams experienced by their customers, with some Australian banks setting up anti-scam departments in parallel with anti-fraud. More sophisticated fintech providers are emerging with capabilities to help banks better identify, mitigate and manage scam/ authorised push payment risk.
Australian banks collaborate to share fraud intelligence and thus work together to mitigate the risk of fraud against the banks and their customers. Good work is being done, but our survey shows it is a continuous challenge.
Fraud has always been with us but it is evolving through technology. A multi-faceted approach is needed to combat it.