Building Resilience to Financial Crime: the Convergence of Cyber Intelligence, AML, and Fraud Prevention

The idea of converging cyber intelligence, AML, and fraud prevention activities to eliminate gaps in financial crime risk management has been discussed for years. However, recent developments in global real-time payments, open banking, and booming digital transactions have escalated the need for this convergence.

In this era of instant payments and CNP transactions, traditional siloed approaches to financial crime prevention are losing their effectiveness. In 2022, fragmented data management and data loss at a certain point in the payment journey can give criminals the advantage they are looking for.

Convergence of Crime

Traditionally, AML was about compliance, cybersecurity about preventing IT threats, and fraud programs about detecting and resolving fraud.

But as more financial activity occurs digitally, the lines between cyberattacks, fraud, and money laundering are blurred.

For example, a typical cyberattack on a bank clearly shows the convergence of attack vectors including cyber breaches, fraud, and AML:

  1. A bank employee’s credentials are stolen.
  2. Malware is installed on the bank’s network.
  3. Funds are routed from bank’s account to a third bank in another country.
  4. Withdrawals are made through multiple transactions.
  5. Millions of dollars are stolen.

The sophistication of cyber-enabled attacks is increasing at the same time as financial institutions are increasing the volume of transactions they must process instantly in order to satisfy customers. Modern banking requires faster and better risk detection and decisions, which in turn requires increased data sharing and collaboration between previously siloed teams.

Preventing Threats and Financial Crimes in Real-time: The Fusion Approach

Leading financial institutions are establishing robust financial crimes centers that bring together cybersecurity, anti-fraud and AML teams to converge their data and processes for a more holistic view of the threat landscape. This helps financial institutions identify financial crimes across the spectrum and stay agile in their preventive operations and response.

Some banks have already implemented a fraud fusion center to withstand financial crimes and ever-evolving threats. For example, Bank of Montreal established a fraud fusion center in January 2019 while TD Bank opened their fusion center in October of the same year. But as criminals introduce new, sophisticated techniques, banks are revamping their fusion centers and looking to improved technology to keep up.

Here are a few key elements of a successful convergence program:

1. Streamlined Structure & Reporting

As the initial step in the convergence program, PwC recommends that financial institutions examine their existing enterprise-wide structure and identify points where streamlining it will give senior management a centralized view of financial crime risk. Clearly documented structure with roles and responsibilities will help detect and eliminate duplicate tasks and will ensure better data visibility.

McKinsey & Company suggests that strategic prevention should be key to improving protection of the bank and its customers when working on convergence. To achieve their goals, financial institutions need to think like the criminals. Perpetrators are looking for a system’s weak points, so when planning the defense, banks should trace the flow of crime in order to come up with an optimized internal structure.

2. Data Fusion

Access to the right data at the right time is the foundation of efficient convergence programs. Many organizations collect data and tackle crimes in silos such as compliance, fraud, and cybercrime. Data fusion provides a single source of data to multiple teams, enabling a complete view of the payment transactions journey and enables faster, more effective responses to threats.

Criminals don’t make a distinction between AML, fraud or cybercrime. They simply act based on whatever gaps in the system they can find. Information fusion is the best weapon against fraudsters. If fusion centers leverage raw payment data in real-time, captured at the network level to avoid data loss, they can derive trends and patterns that let them distinguish legitimate customer transactions from fraudulent ones.

3. The Right Technology

Because of the volume and complexity of payment transaction data, having the right tools will reduce the costs, difficulty and time it takes for its aggregation and analysis. Done incorrectly, data fusion can result in misleading results, including too many false positives, which cost financial institutions more than actual fraud losses.

Faster payments and open banking require organizations to quickly identify emerging fraud patterns and respond immediately, without creating negative friction for their real customers.

The appropriate use of machine learning for financial crime prevention can be one of the most effective tools in a fraud prevention strategy. Having adaptive ML models that perform behavioral analysis of every single card and customer can be instrumental in detecting account takeovers.

Artificial intelligence and machine learning also support financial institutions in their privacy compliance by helping prevent data breaches. They can cut through the noise by flagging suspicious activity with precision, blocking fraudulent activities, and letting the legitimate payments go through.  

While convergence is not necessarily a simple process, it is a needed step for financial institutions to improve their resilience to modern financial crimes and to stay competitive. Effective operational structure, fusion of data, and the right technology are the pillars of success in the digital economy.

As an added benefit, convergence can also result in an optimized customer experience, fostering more digital trust in the financial institution and improving its reputation.