Part 1: Will More Stimulus Packages Equal More Fraud?

In the first of a two-part blog series, we’ll explore fraud threats surrounding opening new accounts and future stimulus packages, and how to fight back.

Among the many things that 2020 will be remembered for will be the level of fraud associated with the stimulus packages – particularly the SBA loans and their international equivalents, such as CBILS in the UK. And with new stimulus packages on the horizon, have lessons been learned, or will there be just as much fraud in 2021?  

Understanding the Threats of Application and New Account Fraud

As was covered in our recent 2021 predictions webinar, application fraud and first-party fraud (FPF) are on the rise. Losses from the various stimulus programs in the U.S. and UK are estimated to be in the $78 billion and £26 billion range respectively, and another $26 billion for unemployment frauds in the U.S. The key drivers here have been synthetic IDs, ID fraud (theft) and FPF.  

However, the fraud impacts of the stimulus packages are multi-faceted. There is application fraud for the loans themselves, but also mules used to launder the proceeds of the loans, employment benefits and checks (cheques).  

So, let’s start with applications. Why is it so difficult to get onboarding for a checking account or a loan done correctly? Well, banks are actively balancing customer experience with the costs of mitigating fraud. Customers have been demanding end-to-end digital account opening, which in a low interest rate environment with digital servicing is now a key differentiator. Now that digital and neo banks have shown that it can be done, it’s becoming table stakes. Not having an online account opening process means low fraud, but also fewer new customers.  

COVID-19 has been accelerating this existing trend towards digital applications, in part as the stimulus loans need to be available for customer use as soon as possible. This meant that in many cases the checks were reduced or placed after the funds had gone.   

Even for banks that have digital onboarding, many banks created either control gaps, poor experiences or both when digitising their existing paper or branch process. Often, good quality genuine customers went elsewhere while fraudsters persevered, leading to fraud rates remaining consistent, yet sales decreasing. Adding additional verification checks at account opening has historically added friction, leading to lost sales as well as the cost of the verification service itself. Yet not adding the controls adds to total fraud costs, along with costs of servicing accounts that make no money or a loss. Exacerbating this situation is that banks have traditionally siloed systems between onboarding for credit, fraud and AML for different products and ongoing fraud monitoring.  

After New Account Opening

While it is tempting to concentrate purely on the application side of things, it’s also important to look at what happens after the new account is opened. The issues are numerous, including abuses of the debit deposit accounts (DDA) such as deposit fraud, synthetic maturation to enable bust out at a later date, as well as mule activity. We’ve certainly seen the role DDAs play in deposit frauds linked to the stimulus checks, unemployment frauds and for laundering the loans.   

One reason to look to the DDA (or indeed the SME equivalent) is that many financial services organizations only lend to customers they already have a relationship with. This is a sound strategy as you are then lending off behaviour that you have directly experienced rather than just data from the credit bureau. However, though this limits the volume of people you’ll lend to, it should help reduce the bad debt and fraud rate, too.  

Fraudsters want a DDA or current account, as these are the gateway to the bank’s products, and more importantly, to payment methods. Additionally, it allows for more complex frauds to come about, such as some of the pre-paid products from neo banks or even savings accounts (although this issue has largely disappeared in the UK as PSD2 has helped see off savings accounts that were too like a current account).  

Having said that, saving accounts are still useful for mules undertaking various frauds, such as benefit claims, as each account can take a different reference if there is not much in the way of name checking. In the future, the risk associated with a new DDA is set to increase. The move to combat this is real-time payments through Zelle, RTP and FedNow, along with Request for Payment, give rise to new risks of abuse. Any institution that allows a fraudster to send a fraudulent request to pay message will be liable.  

Fraudsters know the value of a fraud’s available increase if they get in and look to behave like a genuine customer to keep suspicion low. Back in the late 2000s, I saw average tenure of over five years on first-party frauds! Through this method, they can then build up overdraft facilities, loans and credit cards. Often loans may be churned so that they never finish but keep getting bigger, paying off what’s left of the previous one. Once this has been established, the fraudster can then bust out, leaving all the products unpaid. In these cases, it can be easy for these to be in excess of $50,000, if not $100,000.    

DDAs can then also act as a basis for further lending. Having the behavioural data of a DDA is much more powerful than credit bureau data for credit scoring, but it can be manufactured. Essentially, a seemingly good customer can rack up large amounts of credit, due to their good behaviours and links to higher risk networks before busting out.   

Yet, they can also be the prelude to widen frauds to net even larger funds. A smart tactic that fraudsters employ is opening an account via identity fraud using a stolen genuine customer’s identity. This might allow you to not only borrow in their name if they have good credit, but also to help pass checks with other FIs too.   

A name checking service for new payments would be ideal here, making it easier to move funds from the genuine customer’s account. This might be particularly important if the fraudster is aware of the genuine customer’s upcoming transactions, such as a house case, as they can easily move funds elsewhere. For banks who lend to non-customers, one of the controls is to check ownership of the account it’s going to. If it has been fraudulently opened in the real customer’s name, these controls don’t work.  

Don’t miss our next blog in the series where we’ll cover how to fight back against new account fraud – coming soon!

 

Speak to an Expert