Patience Increases Enterprise Fraud Risks in Asia

enterprise risk management

The Asian culture of patience may inevitably put enterprises at risk of enterprise fraud, warned anti-fraud consultancy UKFraud Managing Director Bill Trueman.

“In terms of fraud, this means that fraudsters will also be less impatient, and feel happy to ‘take their time’ with the fraud to make sure that it is right and for the biggest sum,” he said

One way to mitigate this is for Asian enterprises to support or drive the business into making sure that IT supports the relevant processes.

“Every new product or programme change should have ‘fraud thinking’ in it as the fraud losses will be high if the deterrents, protections and processes are not planned for up front.”

He stressed that Asian businesses need to be more aware and pre-emptive, and have a longer time-span in its thinking about fraud and fraudsters.

“Asian business will need to take the same precautions as any other business around the world – not least as they will have the similar issues of technology, systems, processes and of course, people too.”

Other tips he offered for strengthening enterprise IT infrastructures are:

  • Focus attention and efforts on the payments and money transmission areas of the business, and in particular the authorisation of payments, and the tendering for business and projects.

“Make sure that all such transactions are dual-controlled. At least two people need to be involved in payments and these people need to be within a hierarchy and graded by the payment sizes.”

  • Use business technology solutions along with strong operational processes and procedures to monitor what the team is doing. Review the monitoring and exceptions 100% of the time and ensure that there is a system and process for dealing with the problems that occur. And lastly as a deterrent, communicate to the team that the monitoring is happening.
  • Retain, keep, store and back-up data and transactions.

“Nothing should be deletable and people should see and know that this is the case – again as a deterrent.”

Bill Trueman (an independent fraud and risk specialist) is director of RiskSkill and UKFraud.

This article originally published here.

Other Useful Posts You Would also Like:

11 FAQs on EMV Chip & Pin Credit Card Technology

Is EMV Chip and Pin Really the ‘Money Pit’ for Retailers?

Riskskill Appointed by Visa Inc. as an Approved GARS Reviewer

Is EMV ‘A Colossal Waste of Time’ for Retailers?

Top Technology Trends in Payments, Risk and Fraud in 2014

25 FAQs on Risk Review and Risk Management

Fraud Prevention Strategies for Business & Corporates

Advertisements

UKFraud Seeks To Reduce Mobile Wallet Payment Risks

Following the recent launch of its mobile wallet consultancy practice, risk and fraud prevention consultancy UKFraud (www.ukfraud.co.uk) has launched a range of analytical, consultancy and advisory services aimed at helping businesses in the mobile commerce and payment solutions space to ensure that their products are ‘right’ before they hit the market.

The consultancy practice was established to provide strategic advice and direction to protect mobile solution providers from creating new payment architecture solutions with insufficient protection from data breaches and other risks.  In addition, the new services offered by the practice are designed to deliver a comprehensive  assessment of new wallet product strategies. In particular, the UKFraud services will ensure that wallet providers incorporate the right customer ID and authentication technologies and processes.

In advising producers of future wallet type products, the practice’s services draw upon the research, findings and in-depth analysis of the market by UKFraud’s own Mobile Payment Special Interest Group (SIG). In its findings, the SIG recognised the need for all financial product stakeholders to develop risk reduction strategies capable of matching the projected rapid growth of the global mobile payments sector over the next eighteen months.

The launch of the new range of services  reflects a significant increase in the development and appearance of a range of wallet type products in the market. These include a number of recent, positive and influential developments, such as those from Google with their Wallet, mPowa, Skrill, and Apple with the launch of its well-received iPhone 5S with integral fingerprint reader.

The UKFraud practice also advise on a broad range of devices, architectures and platforms including smartphones, tablets and app software along with the likely fraud risks of transporting mediums such as the internet and/or mobile carriers, including NFC, Bluetooth or Wi-Fi, and entry into traditional payment gateways.

A key element of this advice is in the areas of ID and authentication. There are a number of different forms of ID and authentication techniques that wallet products can use.  These  combine traditional physical processes and technology checks with increasingly more contemporary ones such as biometrics. UKFraud aims to ensure that all elements of these technologies and processes are developed or evolved to be ‘user-proof’ as well as ‘fraudster-proof’. Key elements of a proper wallet infrastructure should include:

1. Authentication of user identity.
Someone, somewhere must always be able to verify the identity of the individual who owns the device, or at least to have protection against possible identity theft attack in the future. This is as true for any such form of identification, whether it is through a traditional approach or through evolving biometric checks. Currently there are few consistent standards in the methods with which a user’s bank account, payment preferences, or even credit history is  tied into biometric records in order to gain access to such details. This area is especially significant, as there are serious existing layers of legal requirements for identifying customers for all money transmission providers who have to meet Money Laundering, Drug Trafficking and Prevention of Terrorism compliance standards. Future Wallet providers cannot be exempt here if they are involved in the creation or handling of financial ‘events’. Thus the authentication of IDs to meet these current standards must accompany all biometrics validation tools and not be replaced by them. For this reason there must be careful planning to ensure that new identification methods are founded on strong foundations.

2. Validation of the technology architecture.
Emphasis also needs to be placed on any secure repository for the data collected. This includes analysis of where the data is securely held and how accessible such repositories are to others and just how well encrypted the data is. However, equally all transmissions that contain sensitive data need to be ‘looked after’ and protected over time. In addition, the processes, technologies, validation of identity and the transmission of sensitive data must all be based upon a technology and process base that is globally useable, acceptable and safe. UKFraud feels that this explains why so many organisations are baulking at the prospect of taking action in a non-standardised direction which risks everything.

3. Interoperability
As so many solutions are still evolving, ‘wallet events’ especially those where payment occurs, can be very different in nature. Equally where any biometrics or codes and/or passwords are used and transmitted this must also be stored somewhere in the ‘wallet’, in a device or in a cloud based solution. This is a point of risk and the potential target for attack. Further, there is  also other personal user identity data such as  entry tickets, vouchers, discount codes, club memberships, allegiances, contacts and diaries that the market has have not yet contemplated storing electronically on the mobile ‘wallet’.   This all needs to be compatible or interoperable. This interoperability often needs to be global too. The only global operability standards today rest with the major Card Scheme payment solutions which are globally linked, and completely standardised, by virtue of the authentications and controls that have evolved over decades. These are also safe and robust when dealing with criminal attacks and failures.

4. Transferability
Taking it a step further; consumers will most likely require the ability to change ‘wallet’ or data solution provider, so that we can have everything that we need still available to us when our ‘device’ breaks or changes. This facility needs to be built into the wallet and UKFraud will question whether  the new and innovative solutions they examine  follow the same or common standards that enable customers to move their funds, data and information from one provider to another with ease.

5. Reliability
A challenge that some biometric authentication has traditionally had, in addition to the commercial rollout realisation, is how well it actually works. Some of these technologies, through lack of global standards and specifications, have on occasion been the subject of perceptual concerns about some of the systems’ reliability in storing and validating data against biometric records as a consistent form of identity.

UKFraud believes that it is essential that the issues of what is stored, along with where and how it is stored need to be governed well. This includes a wide range of issues around what the fall-back is – i.e. what happens when users get locked out of their smartphones for instance – and where the data is stored and how recoverable / retrievable is it?

According to Bill Trueman the CEO of UKFraud, “Our clients understand these practical ID and authentication issues as part of their ‘wallet’ designs, and we assist them in closing gaps and weaknesses. Once these are ironed out, they can plan for the future in what is a fast and growing market filled with uncertainty and challenge. It is inevitable that many of the growing businesses in this area will fail simply because of criminal attacks or because the consumer, the merchant, the supplier or market simply ‘goes in a completely different direction’. Future-proofing is a prudent course of action and one which UKFraud helps with but of course no-one has a crystal-ball.

“As there are already so many new technology developments in mobile payments and m-commerce in general, we still haven’t seen a ‘full-on’ response from some of the main traditional ‘payment’ organisations yet. Equally, outside of  the excellent steps being taken by the European Payments Council, there is not enough heard from governments and regulators relating to governance of the sector, controls and requirements for eMoney, enforcement direction or  strengthening of the Money Laundering requirements to cover the sector. We are confident though that The European Payments Council will take a strong lead here soon.

“Fortunately, the recent launches by sector leaders such as Google and Apple have had extremely positive impact and have influenced the market greatly for the better. Our aim in recognising both the beneficial impact of recent market developments and the prospect of announcements from Europe will help other organisations navigate the best route forward for their products, thereby helping them reduce the risks of their own solutions within the broader mobile solutions and mobile ‘wallet’ space.”

News Source

Who Polices The Fraud And Security Managers?

UKFraud SIG Identifies The Measures That Need To Be In Place

Following the recent high profile cases of senior fraud and online security managers being caught up with fraudulent activity, UKFraud’s Special Interest Group (SIG) for Corporate Fraud Prevention has drawn up a new set of benchmarks which will help organisations identify the signs that something is awry. The SIG also outlines the most effective strategies for countering these risks.

Recently established by UKFraud, the Corporate Fraud Prevention SIG consists of leading fraud prevention consultants coupled with representative input from a wide range of fraud industry skill sets. The SIG was established in response to sector frustration at recent claims by the UK’s National Fraud Authority that fraud levels have risen significantly from £38bn in 2011 to £68bn in 2012. The aim of the SIG is to analyse the approach taken to fraud in the corporate sector and to make recommendations for change at local, national and global levels.

According to the SIG’s research, the most likely signs of wayward behaviour by fraud and security management are relatively easy to spot and yet often overlooked. They include:

Fraud Systems that are below par. The fraud systems chosen by an organisation can be unfit for purpose and may not deliver what is required. There is also often an unwillingness, due to the influence of the internal fraudster, to consider competitive fraud technology products that do deliver or that can deliver more quickly. Often, the SIG says, it is easy enough with hindsight to see that a change to effective systems had been deliberately avoided, but typically, career minded employees are reluctant to blow whistles.

Erratic, incomplete, late or excuse laden management and system reporting is a classic sign that line managers are covering something up and says the SIG, this is just as likely to be the case with those fraudulently managing the security and anti-fraud systems of a company. Normally, further investigation will reveal that ‘lip service’ and increasingly tenuous explanations are given assertively to thwart follow up activity. When though one is dealing with an errant fraud manager, these explanations are more difficult to see through and more than likely to pass the plausibility test. Often the blame for the cause of any suspicion will be thrown onto inadequate IT systems or on the political gaps between corporate silos.

Frequent excuses are often based around IT related issues, such as technology compatibility problems between different company systems or even between international systems.

Unexplained wealth of managers outside of work. There will be plenty of evidence of the rewards of wrong doing with fraudsters purchasing luxury housing, wardrobe, holidays, cars and home computing equipment together with other rewards for family and friends which can even extend to private school fees for children.

Work place rumours, jokes and tip offs. These are often dismissed as political jibes but often this is a tell tale sign that something is wrong and that staff are too afraid to ‘blow the whistle’ formally.

Frequent use of the ‘privileged rank’ of Security or Anti-Fraud Manager to divert questions or to avoid enquiries from those who might raise suspicion, such as the internal or financial auditors. This also includes the robust use of the ‘we don’t want to compromise security by answering your questions’ excuse.

Where fraud specialists know the latest trick, for example how on-line fraud works, the unique symptoms of that particular scam will show up in the company where the internal fraudster is using it themselves.

UKFraud’s Corporate Fraud Prevention SIG believes that ‘maintaining an independent review perspective managed by those with the greatest experience’ is the most effective solution for combating inside jobs by fraud and security management. Amongst the strategies the SIG would recommend are:

A greater emphasis on the use of Non-Executive Directors. This is crucial, says the SIG, as usually Non-Execs are appointed for their experience of skills and operations in other organisations and sectors. They have that ‘other worldly’ eye that is able to cast a different perspective. They should have the ability to review all aspects of a company’s anti-fraud strategy and to ask awkward questions ‘from the top’ as this carries more weight.

Up-to-date reporting must be a core mantra of good company management, with the details of repeated exceptions thoroughly investigated. Organizations should also ensure that reports are not only timely but that they are also complete, real and updated as required. These processes should also then be built into the internal audit schedule for checking. This in turn should feed into the main GRC (Governance Risk and Compliance) systems. In addition, wherever appropriate, organisations should adopt an enterprise-wide approach to technology as this will help with systems issues. Thus, if the technology works well in all other parts of an enterprise, it is highly noticeable if it fails in the management of the fraud department or the control of online and financial systems.

Organizations need to establish records both electronically and on paper. This should include specifying where documents are and when they should and should not be stored. One should identify who is in control of these systems, processes and procedures and who has ownership of specific records. Organizations also need to decide who is responsible for checking that these measures are followed. The scanning, and indexing of work needs to be carried out to professional standards and there must be rules to ensure that no-one can intercept/edit documents at an inappropriate stage or in a fraudulent way. It is also important, the SIG believes, to ensure that your storage capacity is controlled properly.

Where acquisitions and mergers are concerned, organizations need to ensure that all documents are available and stored appropriately and securely, especially those that relate to IP protection, IP development records, audit trails and staff contracts. In particular, when acquiring a business, companies must make sure that they have indemnities and penalty clauses built into the acquisition agreements which relate to the availability of data, logs, audit trails and so forth.

An extra fraud prevention ‘task-set’ should be drawn up for auditors and IT auditors whether they are internal or external. This can have a real impact, although sadly most auditors are simply there to either report on financial results or check asset lists and software licence compliance. There are though many specialists that can undertake ‘special’ tailored checks to find frauds within all manner of business systems including: payroll, invoicing or payments. By turning them towards checking the efficacy of the security and fraud systems in place, says the SIG, it is not only a greater deterrent but also a far more certain way of catching wrong doing whilst in flight.

Getting HR more involved. This allows you to define responsibilities and handle warnings for non-compliance.

Organisations should actively consider the use of external risk consultants who can offer solutions which benefit from an independent viewpoint that resides outside of a company or its politics.

Where doubts exist, organisations should contemplate the use of private investigators to look deeper into the processes used by those who are deemed to be high risk people. These need to be the breed of computer literate investigators with corporate fraud experience.

SIG member Malcolm Gardner, the CEO of fraud prevention consultancy Freevision Ltd., believes that the situation may be worse than many fear. In his view, “Typically, when fraud or security managers are caught, it is either because they went too far, having become complacent, or where there has been a tip off. This tends to suggest that those who are caught might simply be the tip of the iceberg. With sectors such as the online market, now so very tempting to fraudster, it can also be tempting for internal cheats too. Corporations need to be sure of their staff and need to put the right systems in place to help the loyal staff who are the ones still working for the good of the company.”

Bill Trueman the CEO of RiskSkill and UKFraud, echoed Gardner’s comments adding, “It is awful whenever any fraudster is identified within a business, but if it is the person who has the responsibility for fraud prevention themselves, then this is even more abhorrent. Within the fraud SIG, we all universally believe that these fraudsters who were identified as fraud specialists themselves should have significantly more severe punishments, for abusing these particular positions of trust. The first step is finding them and then managing the problem. Hence, our SIG was keen to put these guidelines in place for all to benefit. We would welcome any feedback on other pointers and precautions that people feel might be also of benefit in future SIG reports.”

News Source

Mobile Payments Sector Growth Could Bring Fresh Fraud Challenges Says New UKFraud Special Interest Group

UKFraud (www.ukfraud.co.uk) has set up a new Special Interest Group (SIG) for the Mobile Payments sector. The new SIG will monitor, analyse and report on key market developments for use by stakeholders in the domestic fraud prevention sector. The SIG consists of leading fraud prevention consultants coupled with representative input from a wide range of mobile payment industry specialists. In its initial review, the SIG will analyse those characteristics and challenges of the mobile payment market that are most likely to encourage fraudsters to target the sector. In particular, the SIG will investigate the factors that could give rise to an increased risk of fraud. Amongst the key market challenges that the SIG will review are:

1 Sheer Scale of Market Growth
The SIG notes the appearance of a number of spectacular recent mobile payment market forecasts. These include a report from Reuters, in March 2013, highlighting a survey by ‘Heavy Reading Mobile Networks Insider’ suggesting: “The mobile payment industry is growing, offering revenue generating solutions throughout the market and potentially… $1 trillion in global transactions by 2015.”

The SIG is also conscious of the global spread of mobile payment, with the explosive growth of m-commerce in the United States, China, India, Latin America and the Far East. Recent data from the ITU (International Telecommunication Union) supports this, pointing to global mobile subscriptions now reaching 6 billion. However, in the face of this backdrop of explosive growth, the SIG is concerned that key sector protagonists lack visible preparedness for the likelihood of such large-scale market expansion or the resultant fraud risks that might ensue.

Indeed, the SIG believes from its own analysis of the sector, that only a small proportion of marketers currently have any formal strategy for leveraging and exploiting mobile payments fully. And, whilst there are also other reports that there is a huge need for ‘Mobile SEO’ to spread the news of the latest products to potential consumers, it is the SIG believes, also still a relatively scarce activity. Should this scenario represent reality on the promotional side, then it is also unlikely, the SIG believes, that adequate fraud systems will have been put in place by many of the main players either.

2 The Speed of Technology Advances
The SIG also recognises that the greatest challenge to the development of plans and strategies that align organisations within the mobile payments sector is the sheer speed of technical change. Seemingly, all the main mobile device players are racing to produce the ‘next best thing’ and major forces such as Google with its Wallet and Apple with the Passbook are also having a significant and positive impact with market pundits. The international card schemes also have an influence on the development route(s) as do many other highly innovative and respected third parties including:  iZettle, mpowa, and PayPal. However the chances are, says the SIG, that whilst some of the other sector protagonists, regulators and customers could potentially struggle to keep pace with such an enormous rate of change, the fraudster thrives in such fast moving environments and simply ‘adapts’ like an ‘amorphous entity’ to outsmart and outflank the market’s developments.

3 What Are The Customer Perceptions of The Mobile Payments Sector?
Amongst the other contradictions to be reviewed by the SIG are claims by some pundits who point to the relatively modest levels of take up of mobile payment products to date. Whilst some believe that many people are waiting until the next ‘big thing’ appears, others cite the plethora of new products already appearing. Some claim that this consumer reluctance to adopt, is the result of confusion over the number and nomenclature of devices and financial products. Yet others highlight a number of recent high profile data breaches both amongst financial services and social media companies which drive caution amongst consumers. However, it is felt that once a major new standard or solution appears that the dam could break. When the dam breaks, the SIG feels, there is a potential concern that some of the new solutions will be more easily and quickly exploited by fraudsters than those that currently benefit from clear best-practice and consumer guidelines.

4 Can Standards Keep Pace? 
Whilst standards would boost consumer confidence, the impact of technology and financial product churn coupled with extreme growth could, the SIG believes, threaten the applicability of many existing standards. Other newer standards might simply not keep pace. There is also, the SIG believes, a myriad of organisations from which such standards can come. This could well cause confusion for consumers and therein delight the fraudsters.

The SIG feels that a widely respected organisation that might potentially take a positive lead in the payments sector is UK Payments (formerly APACS). The SIG will also review other alternatives and analyse which existing standards bodies might develop an effective solution. Well regarded bodies might include: the ISO or the European Payments Council, which could potentially, some feel, develop a new SEPA regulation for the mobile sector. The SIG will also review whether widely acclaimed and respected card schemes (such as: Visa / MasterCard etc.) might take a lead as there is potentially a strong interest to capture the market if it grows rapidly.

The SIG feels that potentially mobile payments control could be evolved through an entirely new ‘standard’ that will develop by default and be adopted by others. It is possible, says the SIG, that this could be led by a card organisation, a proprietary payments provider, by an individual bank or a telecoms company. Indeed, the SIG believes that there is every chance that it could result from a collaboration or spin-off of any of the above. Indeed, as things roll-on so fast, this body may not yet exist.

Mobile payments could potentially, the SIG claims, replicate traditional magnetic stripe read transactions; or even replace the later ‘chip read’ transactions. This would cause an evolution in ecommerce transactions through m-commerce, and be the ideal facilitator of NFC contactless payments. In addition, mobile devices could very well become the first choice to be used by merchants as a payment acceptance terminal themselves.

5 Who Owns The Regulation?
The SIG will also review whether a ‘potential standards debacle’ might have a ‘knock-on’ effect upon regulation. The SIG feels that there are so many complications, and so many interested stakeholders, all with conflicting desires to collaborate or compete, that it is hard to know where and how mobile payments will be regulated, let alone who will ‘own’ the regulation.

It will be interesting to see the role governments play. The SIG feels that with the respected EU Cyber directive focussing on setting good foundations with the Network and Information Security standards in individual member states, the current thrust seems potentially a long way from specifically addressing mobile payments. Turning to the UK, the SIG questions whether the government is likely to drive innovation in this area, as the risk, payments and fraud skills within the leading departments (Cabinet Office, FED and the National Fraud Bureau) might not be those required.

Commenting on the new SIG, its Chairman Kevin Smith (a former head of fraud management at Visa Europe and now an independent payments, risk and fraud specialist) feels that the review will highlight a need to ‘build fraud prevention in’ at all stages early on. He notes, “There will be so much potential change and growth, that it’s not just the technology vendors or financial service providers that are watching the situation closely. Rest assured that a seasoned group of criminals will be looking just as closely, albeit at a different range of opportunities. Only by sharing information and working together at an early stage can the sector start to properly understand the challenges and offer a really effective series of counter-measures. Our aim is hopefully to assimilate and collate a weight of analysis that will prove useful to those stakeholders who are keen to fend off fraudulent activity.”

Bill Trueman CEO of UKFraud and RiskSkill welcomed Smith’s comments. In his view, sharing information and collaboration could work at all levels and could even be led by the UK government. He notes, “Potentially there is a golden opportunity here for the UK to take a lead. Naturally a governmental lead would be preferable. However, some feel that The NFA (National Fraud Authority) and also the Cybercrimes Unit are rather more engaged in defending UK Plc., against attacks than driving commercial standards globally in internationally applicable growth areas such as this. However, they should play a major role here. Some though feel that recently the priority of these bodies has been turned upon the domestic public sector, as this alone is a mammoth area to direct and protect. Hopefully, though, if the mobile payments sector grows as fast as has been suggested, the UK government will then see an opportunity to invest an appropriate amount of money in safeguarding the UK from fraud in the mobile payments sector. In the meantime, we shall work alongside other like-minded groups as a collective approach is certainly one way to ensure that the right information is shared by those in fraud prevention who most need it.”

The SIG’s findings will be published later this year.

About UKFraud (www.ukfraud.co.uk)

UKFraud is a leading UK based consultancy, with an impressive international track record of eliminating the risk of fraud. Its founder Bill Trueman is widely accepted as one of Europe’s leading fraud experts and a frequent commentator and writer on the issues involved. Trueman has extensive experience of the banking, insurance and the financial services sectors and is a thought leader at the forefront of many industry wide and international debates.

News Source

Current Fraud Trends in 2013 & Upcoming Years

We know that when technology in the world changes so the techniques used by the Fraudsters to commit frauds in the organizations, ans such fraud techniques and fraud trends keeps on changing year on year basis. Similarly UK Fraud the leading Corporate Fraud Prevention organization of the Europe has identified the leading 10 Fraud Trends in the coming years.

corporate fraud prevention and management consultancy

A fraud consultancy UKFraud has identified 10 key trends that it suggests will characterise the domestic fraud prevention market. The ten are:

1. With more high quality data becoming available to fraudsters than ever, an economy forecast to contract and the UK’s benefits spend reducing, overall fraud levels will continue to increase dramatically across the UK and the rest of Europe. Fraud hotspots most likely to be affected in 2013 include: banks and card companies, insurers, online merchants, retailers and government be it HMRC, the universal credit scheme or local authorities.

2. The types of fraud likely to see the biggest growth will be CNP (Card Not Present) card fraud, other forms of cybercrime, internal fraud, and supply chain fraud. Procurement fraud is also set to rise significantly. In contracting economies, evidence suggests that people inside this function can be put under pressure to defraud.

3. Mortgage fraud is also set to surge in 2013, with credit rating experts pointing the finger at further rises in first-party fraud – ie where people misrepresent their finances whilst applying for mortgages. Once again the economic climate is a significant contributor in this.

4. Recent spectacular mass data breaches and suspicion of cloud security in some areas will continue. An increasingly greater emphasis will be placed upon PCI DSS and other data security and integrity issues. Already, the daily number of automated attacks on bank and retailer systems runs into the millions, which means that we will continue to see major high-profile data breaches both reported and otherwise.

5. Solutions will be based around systems for acquirers, online merchants and PSPs, who are regularly the victims of CNP fraud – where fraud is growing fast in line with the growth in internet based payments. Increasingly, solutions will move to better and newer generations of screening, scoring and risk based monitoring, such as those based upon Bayesian based fraud detection systems. These will start to pose a real challenge to older systems based on ‘so called’ Neural Networks.

6. Most people feel that there could be a lack of unified central direction and strategy from government. The lack of a pan-European strategy will also prevail. The UK government’s response is divided between the NFA, the Cyber Crimes unit and the Cabinet Office’s FED (Fraud Error and Debt Initiative). Some believe passionately that the lack of a unified central government strategy will drive up fraud significantly in 2013. On the positive side, at least some of the civil servants who have been involved in the NFA since the beginning are starting to gain real experience of the sector and an appreciation of the enormous challenges they face. The DWP is also tendering to get some real-world fraud strategy skills into their midst too, which should prove invaluable given the changes due with the Universal Credit.

7. The USA is increasingly ready for a policy U-turn on the adoption of signature as the CVM of choice. The US market will find it increasingly difficult to evolve in a global payment systems world without the protections offered either by PINs – or a ‘next generation’ solution. As the rest of the world is moving (or largely has moved) in this direction already, 2013 could see this U-turn as fraud increasingly migrates to the US.

8. Major insurers will continue to develop a strong and very credible fraud prevention solution based around the ‘front end’ (underwriting stage of business) The emphasis on delivering a strong industry wide data-sharing drive will also continue to increase; although a whole re-think of the industry fraud register will be needed to address Data Protection Act requirements.

9. There will be a major shift in the presence, position and fraud service offerings of one or more of the major data-bureaux (such as credit reference agencies), as more solutions either move ‘in-house’ or move to systems developed by a host of new players in various fraud sectors.

10. And there will be some surprises as there always are – whether they are policemen ‘on-the-take’, another raft of politicians fiddling their expenses, or further high profile banks brought to their knees by (usually) rogue traders.

“The current economic climate is driving change and there is an evolution in the world of fraud prevention that we have not seen before,” says Bill Trueman, founder and CEO of UKFraud and RiskSkill. “However, if we are to stay ahead of the fraudster, we have to be able to read these trends and manage both our strategy and the risks accordingly. In highlighting what we see as the trends, we aim to contribute to the debate and raise awareness of the risks. By keeping this debate alive we hope that fraud prevention will shortly gain an even greater emphasis in key seats of power – be that in the boardroom or within key government departments.”

News Source

Mega Fraudsters Are Often NOT Held Responsible For Most of the Frauds.

The vast amount of fraud in most developed countries takes place from lots of people stealing more modest amounts from government and from large corporations. So whilst we may occasionally read about the $ multi-million losses perpetrated by individuals, this is comparatively rare.

There are many tens of thousands of people who steal $10 – $10,000 every day through false benefit applications, bogus grants, insurance claims, local authority claims, injury claims, stolen card usage and walking away from utility bills or internet orders. Oddly, the widespread deployment of IT systems to manage corporate fraud and corporate processes often makes business fraud easier, as fraudsters prefer such faceless processes to dealing with real people, thus making corporate fraud losses prevention difficult.

UKFraud is an independent fraud prevention organisation (under the leadership of Bill Trueman) which helps banks, corporates, insurance companies, telecommunication sector, and other organisations investigate, detect and prevent fraud to save millions.