Digital banking fraud: detection and investigation best practices for online banks

In the past decade or so, a new breed of bank has gone fully digital. Neobanks - banks that operate exclusively online without a brick and mortar presence - respond to the needs of certain customers by offering more convenience and lower fees on certain operations. 

But digital banking fraud can be especially challenging for these younger, online-first banks. Being newer in the banking space and lacking a physical presence can leave digital banks more vulnerable to fraudsters. 

This article looks at why a rise in online banking has gone hand in hand with a rise in banking fraud. With fraud expert Emily Williams (You should register for her live demo series!), we'll explore some of the main fraud challenges neobanks face. Then we’ll take a look at best practices for digital banks to detect and investigate fraud to better protect their customers and their business.

Unlike traditional banks that offer online banking via an app or web interface in addition to services in a physical storefront, neobanks (also called challenger banks), are 100 percent digital. In most cases they don’t have a brick and mortar presence, so everything from onboarding to transactions happens online. This can translate to faster and more convenient service for their clients, who may also benefit from low- or no-fee services.

The relative convenience of neobanks for customers has contributed to their popularity. But the novelty also means increased risk. Fraudsters are experts at exploiting anything new for gain and digital banking is no exception.

Digital transformation - in banking and beyond - has also enabled many new and transformed types of fraud. Fraudsters are opportunists always on the lookout for new vulnerabilities, and new technology is an easy target.

The rapid shift towards digital banking, both by traditional banks and with the emergence of neobanks, has been a boon for fraudsters. With digital banking, there are more and more transactions and they move fast. Complexifying the picture is the fact that fraud has also become professionalized and industrialized. The incidents of fraud resulting in the highest losses tend to be the work of organized criminal groups operating like businesses.

Without the right tools for the job, analysts and investigators can end up with blind spots that result in costly incidents of fraud.

Digital-first banks are both new within the financial services market and operate in novel, innovative ways. This also means they face some unique fraud challenges. We talked to Emily Williams, Customer Success Manager at Linkurious and former fraud analyst at a neobank, payment processor, and payment app about these challenges.

Digital banks are newer. Most of them have emerged only within the last decade. This means they lack the kind of historical data that traditional banks have: data on fraud, data on customer behavior, etc. “The more information a financial institution has, the easier it is to accurately detect suspicious activity. Neobanks have relatively little data in comparison to the largest banking institutions that have been around for years and have had time and plenty of historical data to track normal consumer spending habits and fraud trends. Without the same kind of data, neobanks can lack visibility,” says Emily Williams.

“Fraudsters like to target new products, or products with new features,” says Emily. New products will also have new fraud measures that may not be as tried and tested as the fraud measures in place for more established products. “Fraudsters know these new protections may not be as robust.”

At digital banks, KYC processes are limited by the lack of in-person interactions. Without a brick and mortar presence, a neobank may not verify the identity of a customer in the same way as a traditional financial institution. When opening an account at a traditional bank, it would normally be expected to show proof of identification such as a driver’s license, passport, or other government-issued ID. With neobanks, this may not always be the case in order to expedite the sign-up process. “This can open the door for synthetic identity fraud and other fraud schemes,” says Emily.

As newer financial institutions, neobanks have pressure to grow quickly. “Rapid growth can create a strain on the resources and labor available to address fraud and leave gaps in the defenses,” says Emily.

With these challenges in mind, there are actions neobanks can take and tools and processes they can adopt to mitigate fraud risk - and to better detect and investigate suspicious activity when it occurs.

With limited resources, having the right tech stack to spot and investigate suspicious activity can make all the difference. More established, traditional tools may not be the most efficient solution for neobanks. They can be expensive or fail to meet their specific needs. Newer technologies working together, including AI and machine learning as well as network analysis tools, can instead offer both more affordability and the flexibility online banks need to tackle constantly evolving fraud threats. 

A solution like Linkurious Enterprise, working alongside a graph database, allows analysts to see all their data in one place and provides flexibility and scalability. It’s built to analyze and visualize complex networks, making it easy to quickly identify and investigate fraud incidents.

In absence of the historical data that traditional financial institutions benefit from, open source data can be an important asset for an online bank. Tools like social media or sanctions lists - like Open Sanctions - can add extra layers of data to help analysts detect fraudulent activity.

Neobanks can rely on machine learning models and alerts to automate detection. In some cases, machine learning can take automatic action, diminishing the need for human review of certain incidents. “Using alerts can also help banks get ahead of the fraud, as early as account creation,” says Emily Williams. “It’s better to be proactive on fraud rather than just flagging suspicious transactions as they happen.”

BforBank is a French bank that operates entirely online. The bank’s compliance unit was finding it challenging to identify complex fraud schemes in siloed data. With their existing technology, based on relational data, the queries to investigate flagged customers, transactions, or behaviors could take several hours or even days. The slow investigation process increased the risk of higher losses. 

To improve fraud detection and reduce investigation time, BforBank decided to implement Linkurious Enterprise financial crime investigation software. Relying on graph technology, the data was immediately available in Linkurious Enterprise, providing an easy way to visually explore the connections between entities. Immediately after deploying Linkurious Enterprise, the risk and compliance department was able to uncover complex fraud cases that had previously gone undetected. The bank estimates they were able to detect and stop 20% more fraud attempts after implementing the tool.

Read more about BforBank’s story.